דרושים » אבטחת מידע וסייבר » Cyber security Consultant / CISO ( Chief Information Security Officer )

משרות על המפה
 
בדיקת קורות חיים
VIP
הפוך ללקוח VIP
רגע, משהו חסר!
נשאר לך להשלים רק עוד פרט אחד:
 
שירות זה פתוח ללקוחות VIP בלבד
AllJObs VIP
כל החברות >
סגור
דיווח על תוכן לא הולם או מפלה
מה השם שלך?
תיאור
שליחה
סגור
v נשלח
תודה על שיתוף הפעולה
מודים לך שלקחת חלק בשיפור התוכן שלנו :)
 
משרה בלעדית
1 ימים
דרושים בריקרוטיקס בע"מ
Job Type: More than one
* CISO Role in a Leading Cybersecurity Company*
Our company specializes in cybersecurity consulting and we are currently expanding our team, and looking for a talented CISO to join our top star team.
We offer a dynamic and challenging role in a company that greatly values human capital and work with cutting-edge security technologies and top-tier clients.
What will you do?
Strengthen cybersecurity across cloud & on-prem networks
Implement security frameworks & best practices
Provide expert guidance on advanced security controls
Requirements:
Job Requirements:
At least 2 years of experience in a CISO role.
Certificate of CISO ( Chief Information Security Officer ) or Professional certification in information technology/security.- MUST
Extensive knowledge of cybersecurity best practices for network and cloud infrastructure.
Familiarity with privacy protection regulations and certifications such as ISO 27001 and SOC2.
Hands-on experience with technical security controls (FW, EDR, etc).
Strong organizational skills, team-oriented, and service-focused.
Knowledge of web security and familiarity with the OWASP Top 10 security risks is advantageous.
High proficiency in English.
This position is open to all candidates.
 
Hide
הגשת מועמדות
עדכון קורות החיים לפני שליחה
8732446
סגור
שירות זה פתוח ללקוחות VIP בלבד
משרות דומות שיכולות לעניין אותך
סגור
דיווח על תוכן לא הולם או מפלה
מה השם שלך?
תיאור
שליחה
סגור
v נשלח
תודה על שיתוף הפעולה
מודים לך שלקחת חלק בשיפור התוכן שלנו :)
02/07/2026
Location: Tel Aviv-Yafo
Job Type: Full Time
our companys Harmony SASE is looking for an Information Security Manager to join its staff.
This is a unique opportunity for you to work in the #1 worldwide Cyber Security Company, gain expertise and experience leading the information security program for the best of SASE (Secure Access Service Edge).
Key Responsibilities
As Information Security Manager you will:
Governance, Risk & Compliance
Lead and manage the Product Security team
Build, operate, and continuously improve the Harmony SASE Information Security Management System (ISMS), aligning policies, standards, and controls with our company and industry best practices.
Own the Harmony SASE compliance roadmap - lead and maintain certifications and attestations including ISO/IEC 27001, SOC 2 Type II, GDPR, IRAP and C5
Lead enterprise risk assessments and the third-party / vendor risk program, ensuring risks are identified, prioritized, and treated.
Coordinate internal and external audits, manage evidence collection, and remediate findings to closure.
Product & Application Security
Develop and implement a comprehensive AI - Secure Software Development Lifecycle (AI S-SDLC) framework, embedding security into every phase of the SDLC and CI/CD pipelines.
Conduct threat modeling and secure architecture reviews for new and existing Harmony SASE features, partnering with R&D to mitigate vulnerabilities by design.
Operate the application security tooling stack - ASPM, SAST, DAST, SCA, AI Security Scanning and secret scanning - at scale, and partner with development teams to drive findings to remediation while maintaining developer productivity.
Champion secure coding practices and OWASP Top 10 awareness across R&D.
Operational Security & Incident Response
Lead security incident response for Harmony SASE - preparedness, detection, containment, eradication, recovery, and lessons-learned - covering both product and information security incidents.
Oversee identity and access governance, ensuring least-privilege, segregation of duties, and access reviews across production and corporate environments.
Design and operate security automation to enhance the efficiency and coverage of security operations.
Security Culture & Enablement
Foster a culture of security awareness and continuous improvement; deliver targeted training for engineers, operations, and broader staff.
Lead responses to customer security questionnaires, RFPs, and due-diligence requests, representing Harmony SASEs security posture to customers and partners.
Stay current on the evolving Threats Landscape, regulations, and technologies, and translate them into pragmatic improvements to the security program.
Youll enjoy:
Interact with executives, managers, engineers across the company
Be the best security expert and knowledgeable you can imagine
Sharing your day with fun, passionate, brilliant people.
דרישות:
We are looking for you:

Bachelors degree in computer science, Information Security, or related field.
Minimum of 5 years of experience in information security or application/product security, with at least 2 year in a leadership role.
Proven experience building or operating an Information Security Management System (ISMS) and leading certifications such as ISO/IEC 27001 and SOC 2.
Working knowledge of GDPR, PCI-DSS, and NIST CSF / 800-53; familiarity with HIPAA, FedRAMP, DORA, Cyber Essentials, C5, IRAP, AI Security Frameworks and the Cloud Controls Matrix (CCM).
Hands-on experience with S-SDLC, threat modeling, and application security tooling such as ASPM, SAST, and DAST in complex, high-scale environments.
Strong understanding of risk management, third-party risk, identity and access governance, and incident response.
Excellent communication and leadership skills, with the ability and passion to drive change across R&D and the broader organization.
Reports to the Harmony SASE Head of Architecture (R&D Director) and partners closely with R&D, DevOps, IT, Legal, and the company Corp המשרה מיועדת לנשים ולגברים כאחד.
 
Show more...
הגשת מועמדותהגש מועמדות
עדכון קורות החיים לפני שליחה
עדכון קורות החיים לפני שליחה
8721123
סגור
שירות זה פתוח ללקוחות VIP בלבד
סגור
דיווח על תוכן לא הולם או מפלה
מה השם שלך?
תיאור
שליחה
סגור
v נשלח
תודה על שיתוף הפעולה
מודים לך שלקחת חלק בשיפור התוכן שלנו :)
22/06/2026
חברה חסויה
Location: Tel Aviv-Yafo
Job Type: Full Time
Required Senior Cybersecurity Engineer
Why is this role so important?
As a Senior Cybersecurity Engineer reporting directly to the Chief Information Security Officer (CISO), you will play a key role within our security team. In this position you will drive impactful security initiatives that support the companys business objectives, leveraging innovative technologies and practical solutions to strengthen our security posture while enabling the business to operate securely and efficiently.
You will collaborate with cross-functional teams across the organization, including IT, R&D, Product, and other stakeholders, to ensure that security is embedded throughout our products, services, and operations. You will help identify and mitigate risks, implement effective security controls, and continuously enhance our security capabilities in a dynamic, fast-growing, technology-driven environment.
Responsibilities:
Implement, manage, and continuously enhance security controls across cloud environments (AWS, GCP, Azure), endpoints, SaaS platforms, and applications.
Administer, optimize, and maintain security technologies, including EDR/XDR, SIEM, CDR, CNAPP, DLP, IAM, SASE, MFA, network security solutions, and more.
Take a leading role in securing our adoption of Generative AI & LLM-based technologies, assessing risks, defining security controls, and establishing guardrails for AI agents, MCP-based integrations, and AI-powered applications across the organization.
Design, implement, and automate security processes, workflows, and controls to improve operational efficiency, visibility, and risk reduction across the organization.
Partner with IT, DevOps, Engineering, and Product teams to drive security-by-design principles across system architecture, software development and AI lifecycles, cloud infrastructure, and business operations.
Lead vulnerability management initiatives, including identification, assessment, prioritization, remediation tracking, validation, and reporting across applications and environments.
Implement, manage, and maintain secure configuration baselines, hardening standards, and technical controls aligned with industry frameworks and best practices, including CIS Benchmarks, NIST(CSF), and ISO/IEC 27000 series.
Take an active role in security operations activities, including threat detection, IR, security investigations, and continuous monitoring of the organization's security posture.
Lead GRC initiatives through control implementation, assessments, audit support, customer security & Due Diligence Questionnaires (DDQs), and remediation efforts related to SOC 2, SOX, ISO 27001, and other compliance frameworks.
דרישות:
5+ years of experience in Information Security, Cybersecurity, or a related technical field.
Experience securing cloud environments (AWS, GCP, Azure), SaaS platforms, and enterprise applications (APIs and Integrations).
Experience implementing and managing security technologies such as EDR/XDR, SIEM, CNAPP, IAM, SSO, MFA, Identity Providers (IdPs), WAF, VPN, DLP, ZTNA, and secure connectivity solutions
Strong understanding of security frameworks, standards and best practices, such as NIST CSF, CSA, CIS Controls, MITRE ATT&CK, OWASP, SOC 2, or ISO/IEC 27000 series.
Experience with vulnerabilities/CVEs management, assessment, incident response, and security operations processes.
Experience working with DevOps, R&D, and IT teams to integrate security into OS, cloud infrastructure, SDLC, applications, and operational processes, including authentication and authorization technologies such as SSO, SAML, OAuth, and OpenID Connect.
Experience with scripting and automation using Python, Bash, PowerShell, or similar technologies.
Familiarity with AI security concepts, including risks and controls related to Generative AI, LLMs, AI agents, MCP-based integrations, and AI-powered applications.
Experience supporting GRC initiatives, audits, compliance programs, and security assurance activities המשרה מיועדת לנשים ולגברים כאחד.
 
Show more...
הגשת מועמדותהגש מועמדות
עדכון קורות החיים לפני שליחה
עדכון קורות החיים לפני שליחה
8704911
סגור
שירות זה פתוח ללקוחות VIP בלבד
סגור
דיווח על תוכן לא הולם או מפלה
מה השם שלך?
תיאור
שליחה
סגור
v נשלח
תודה על שיתוף הפעולה
מודים לך שלקחת חלק בשיפור התוכן שלנו :)
2 ימים
חברה חסויה
Location: Herzliya
Job Type: Full Time
we are looking for a security architect to join our team! 
Responsibilities
Perform security maturity assessments, including reviews of organizational policies, standards, procedures, and governance practices, aligned with the NIST CSF 2.0 cybersecurity framework.

Review designed or deployed environments, identifying security flaws and recommending mitigations plans

Review Implementation of technical security controls, identify gaps and offer practical mitigations.

Escort, evaluate and improve our clients security posture by elevating their infrastructure resilience and implement best-practice organizational procedures

Escort mitigation plans and design practical implementations for security issues e.g., firewall policies review, segmentation & segregation recommendations, Microsoft AD-tier Model implementation etc.

Research and advocate for new security solutions and technologies
Requirements:
Qualifications
3+ years of hands-on experience with securing large organizational networks, including security controls, OS hardening, network devices security, etc.

Strong understanding of governance, risk management, and operational processes.

Familiarity with cybersecurity frameworks (NIST CSF, ISO 27001 concepts), risk assessment, mitigation planning, and third‑party risk management.

Significant experience in at least five subjects from the following list:

Vast knowledge and expertise in cyber-security IT systems and cloud infrastructure

Deep understanding of Microsoft IT on-prem and cloud infrastructure, e.g., Entra-id, Office365, AD, GPO, protocols.

Practical experience with cloud environments - AWS, Azure, GCP- A significant advantage

Practical experience in consulting services and risk assessment

Practical experience with security configuration and maturity assessment

Knowledge of security controls, e.g., AV, EDR/XDR, DLP, Device control, etc.

ZTNA design & deployment experience.

Experience with implementing security monitoring procedures & systems (SOC, SIEM, SOAR)
This position is open to all candidates.
 
Show more...
הגשת מועמדותהגש מועמדות
עדכון קורות החיים לפני שליחה
עדכון קורות החיים לפני שליחה
8731964
סגור
שירות זה פתוח ללקוחות VIP בלבד
סגור
דיווח על תוכן לא הולם או מפלה
מה השם שלך?
תיאור
שליחה
סגור
v נשלח
תודה על שיתוף הפעולה
מודים לך שלקחת חלק בשיפור התוכן שלנו :)
28/06/2026
חברה חסויה
Location: Petah Tikva
Job Type: Full Time
Were looking for an experienced and passionate Information Security compliance expert, to help drive organization wide security compliance and risks processes such as Risk Assessment, Mitigation Planning, Compliance with security standards, Internal and External Audits preparations and execution, and supporting customer Security requirements operations.
Key Responsibilities:
Planning, performing, and tracking cyber security gap analysis and risk assessment processes
Performing internal & external, hands-on technical and procedural security audits
Develop, implement and track technical risk control/mitigation plans
Working with the company business owners and IT Business applications and infrastructure to implement security controls, solutions and software qualifications and compliance and monitoring.
Manage information security related tasks, track progress and report to management
Plan and execute Security processes and InfoSec group controls
Write, Update and implement security related procedures
Lead audit and compliance activities as SOX, SOC2, ISO27001, FedRamp and more and provide Privacy technical guidance
Contributor to GDPR and privacy, working closely with the company legal department.
Responsible to handle Internal and third-party security qualification processes, vendor risk management and assign required controls
Responsible on customers RFP security risk assessment questionnaire; in a business-driven approach and a prompt response time
Always pushing to modernize compliance solutions with efficiencies and business facing approach
Requirements:
3+ years of experience in security Governance, Risk and Compliance in hi-tech global company.
Proven experience with security compliance audit and management (NIST, ISO, SOC2, SOX, FedRamp and/or DoD)
Hands-on experience with ISMS in audits, Security Risk Management, and mitigation planning
Experience in working with customers and 3rd party qualification processes
Experience in cloud security compliance and risks
Background and experience in R&D infrastructure (an advantage)
Familiar with security vulnerabilities, trends, tools and practices
Professional certifications as Information Systems Auditor (CISA), Certified Information Security Manager (CISM), Certified in Risk and Information Systems Control (CRISC) or Certified Information Security Professional (CISSP) - an advantage
Ability to multi-task in a dynamic work environment
Ability to motivate others in a matrix management structure
A true team player and easy to collaborate with
A true proactive and can do approach
High level English with an emphasis on writing skills
This position is open to all candidates.
 
Show more...
הגשת מועמדותהגש מועמדות
עדכון קורות החיים לפני שליחה
עדכון קורות החיים לפני שליחה
8713074
סגור
שירות זה פתוח ללקוחות VIP בלבד
סגור
דיווח על תוכן לא הולם או מפלה
מה השם שלך?
תיאור
שליחה
סגור
v נשלח
תודה על שיתוף הפעולה
מודים לך שלקחת חלק בשיפור התוכן שלנו :)
01/07/2026
Location: Tel Aviv-Yafo
Job Type: Full Time
We are seeking a highly skilled and experienced Head of Application Security to join our dynamic team. This role is pivotal in driving the security of our software development lifecycle and ensuring the robustness of our applications against potential threats. The ideal candidate will have a strong background in secure software development practices, including SSDLC implementation, and a deep understanding of security risks & tools. This position reports directly to an R&D VP.
Key Responsibilities
Lead the application security team, providing strategic direction and mentorship.
Develop and implement a comprehensive Secure Software Development Lifecycle (SSDLC) framework.
Oversee the integration of security practices into all phases of the software development lifecycle, including CI/CD guardrails.
Conduct risk assessments and threat modeling to identify and mitigate potential security vulnerabilities.
Collaborate with development teams to ensure secure coding practices and adherence to security standards, while maintaining developer productivity.
Implement and manage security automation tools and processes to enhance the efficiency of security operations.
Stay up-to-date on the latest security trends, vulnerabilities, and technologies to continuously improve our security posture.
Provide expert guidance on security architecture and design for new and existing applications.
Lead incident response efforts related to application security breaches and vulnerabilities.
Foster a culture of security awareness and continuous improvement within the organization.
Requirements:
Bachelor's degree in Computer Science, Information Security, or a related field.
Minimum of 7 years of experience in application security, with at least 3 years in a leadership role.
Proven experience in implementing and managing SSDLC frameworks.
In-depth knowledge of security frameworks and methodologies.
Strong understanding of threat modeling methodologies, secure coding practices and common vulnerabilities (e.g., OWASP Top Ten).
Proficiency in programming languages such as Java, Python, C#, or similar.
Experience in implementing security tools and technologies such as ASPM, SAST, DAST in complex and high-scale environment.
Excellent communication and leadership skills, with the ability and passion to drive change across the organization.
Relevant certifications such as CISSP, CISM, or CSSLP are desirable.
Proven experience in a similar role at another leading software development company.
This position is open to all candidates.
 
Show more...
הגשת מועמדותהגש מועמדות
עדכון קורות החיים לפני שליחה
עדכון קורות החיים לפני שליחה
8719435
סגור
שירות זה פתוח ללקוחות VIP בלבד
סגור
דיווח על תוכן לא הולם או מפלה
מה השם שלך?
תיאור
שליחה
סגור
v נשלח
תודה על שיתוף הפעולה
מודים לך שלקחת חלק בשיפור התוכן שלנו :)
חברה חסויה
Location: Tel Aviv-Yafo
Job Type: Full Time
We're looking for a Senior Security Engineer to own and elevate the security posture of our
cloud-native, AI-driven SaaS platform. Reporting to the Director of DevOps, you'll be the technical
anchor for security across our product, infrastructure, and organization - combining hands-on
engineering with the strategic judgment to translate risk into clear, actionable priorities.
This is a high-ownership role for someone who can operate end to end: threat modeling a new feature
in the morning, hardening cloud infrastructure in the afternoon, and briefing leadership on risk posture
by the end of the week. As we scale our platform and deepen our use of AI/ML, you'll define how we
build, ship, and operate securely - often standing up programs and controls that don't yet exist.
You'll work cross-functionally well beyond engineering, partnering with Customer Success, Marketing,
Finance, and Legal to make security a shared, business-aware practice rather than a gate at the end of
the line.
What You'll Do:
Own the day-to-day security engineering function across cloud infrastructure, application, and data
layers.
Lead threat modeling, penetration testing, and vulnerability management across the product and
platform lifecycle.
Design, implement, and continuously improve cloud security controls across AWS, GCP, and/or
Azure environments.
Assess and secure our AI/ML systems, addressing the unique risks they introduce - from data
pipelines to model and LLM behavior.
Drive compliance readiness and audit support for frameworks such as SOC 2, ISO 27001, and
GDPR.
Embed security into the SDLC and CI/CD pipelines, partnering closely with DevOps and engineering
teams.
Translate technical risk into clear business and board-level language, and advise leadership on
prioritization and trade-offs.
Partner cross-functionally with non-engineering teams (Customer Success, Marketing, Finance,
Legal) to build security awareness and practical, low-friction controls.
Lead or support incident response, including detection, containment, remediation, and post-incident
review.
Requirements:
8+ years in security engineering, security architecture, or a CISO/Security Officer role.
Deep cloud security experience (AWS / GCP / Azure).
Hands-on with threat modeling, penetration testing, and vulnerability management.
Working knowledge of AI/ML systems and their unique security challenges.
Experience with compliance frameworks: SOC 2, ISO 27001, GDPR (or equivalent).
Strong communication - translates technical risk into business and board language.
Comfortable operating cross-functionally with non-engineering teams (CS, Marketing, Finance).
Nice to Have
Prior experience in a fast-scaling SaaS or AI-driven product company.
Hands-on red-teaming of LLM-based systems.
Familiarity with the OWASP LLM Top 10 and NIST AI RMF.
Certifications: CISSP, CISM, CCSP, or equivalent.
Experience standing up a security program from scratch (rather than scaling an existing one).
This position is open to all candidates.
 
Show more...
הגשת מועמדותהגש מועמדות
עדכון קורות החיים לפני שליחה
עדכון קורות החיים לפני שליחה
8718587
סגור
שירות זה פתוח ללקוחות VIP בלבד
סגור
דיווח על תוכן לא הולם או מפלה
מה השם שלך?
תיאור
שליחה
סגור
v נשלח
תודה על שיתוף הפעולה
מודים לך שלקחת חלק בשיפור התוכן שלנו :)
2 ימים
Location: Herzliya
Job Type: Full Time
we are seeking a Cybersecurity Architect (GRC & Risk) to join our cybersecurity architecture team. In this role, you will lead security governance, risk, and control assessments, conduct third-party due diligence, support maturity assessments, and drive mitigation and architectural review processes. Youll work closely with CISOs, security leaders, engineering teams, and customers to develop risk-focused methodologies and improve security frameworks. This position is best suited for candidates with a technical GRC, risk, or security assessment background who excel in analysis, interpretation, and structuring of security information.

Responsibilities
Lead customer third‑party security due diligence assessments.
Lead mitigation workshops to translate penetration test and assessment findings into prioritized remediation workplans.
Perform security maturity assessments, including reviews of organizational policies, standards, procedures, and governance practices, aligned with the NIST CSF 2.0 cybersecurity framework.
Develop and refine security methodologies, processes, and architectural guidance.
Maintain internal documentation and ensure alignment between frameworks, processes, and practical implementation.
Analyze technical findings and map them to governance, risk, and control gaps.
Produce clear, structured reports and executive‑ready summaries for technical and non‑technical audiences.
Requirements:
Qualifications
3-4 years in cybersecurity GRC, IT risk, compliance, audit/assurance, or related process‑oriented security roles.
Strong understanding of governance, risk management, and operational processes.
Familiarity with cybersecurity frameworks (NIST CSF, ISO 27001 concepts), risk assessment, mitigation planning, and third‑party risk management.
Basic conceptual understanding of cloud/SaaS shared responsibility models.
Ability to communicate technical issues in business‑aligned language.
Hands-on experience with security controls - an advantage.
Strong writing, communication, and facilitation skills.
Comfortable collaborating with internal stakeholders and external customers.
This position is open to all candidates.
 
Show more...
הגשת מועמדותהגש מועמדות
עדכון קורות החיים לפני שליחה
עדכון קורות החיים לפני שליחה
8731962
סגור
שירות זה פתוח ללקוחות VIP בלבד
סגור
דיווח על תוכן לא הולם או מפלה
מה השם שלך?
תיאור
שליחה
סגור
v נשלח
תודה על שיתוף הפעולה
מודים לך שלקחת חלק בשיפור התוכן שלנו :)
2 ימים
חברה חסויה
Location: Herzliya
Job Type: Full Time
we are seeking a Junior Cybersecurity Architect to join our cybersecurity architecture team. In this role you would assist with enterprise level organizations' white-box maturity assessments, preform due-diligence assessments and help in designing actionable mitigation plans to identified risks to push forward our clients security program. This role is intended for candidates with a technical GRC, risk, or security assessment background who are strong in analysis, interpretation, and structuring of security information. You will work closely with CISOs, security leadership, engineering teams, and external customers, collaborating with senior security stakeholders as part of a versatile, and collaborative architecture team. The position emphasizes risk‑oriented thinking, security assessment methodologies, and architectural review over hands‑on technical configuration or operational security work.

Responsibilities
Support customer third‑party security due diligence assessments.

Support or lead mitigation workshops to translate penetration test and assessment findings into prioritized remediation workplans.

Analyze technical findings and map them to governance, risk, and control gaps.

Review Implementation of technical security controls.

Perform security maturity assessments, including reviews of organizational policies, standards, procedures, and governance practices, aligned with the NIST CSF 2.0 cybersecurity framework.

Produce clear, structured reports and executive‑ready summaries for technical and non‑technical audiences.
Requirements:
Qualifications
1-2 years in cybersecurity GRC, IT risk, compliance, audit/assurance, or related process‑oriented security roles.

Strong understanding of governance, risk management, and operational processes.

Familiarity with cybersecurity frameworks (NIST CSF, ISO 27001 concepts), risk assessment, mitigation planning, and third‑party risk management.

Basic conceptual understanding of cloud/SaaS shared responsibility models.

Ability to communicate technical issues in business‑aligned language.

Strong writing, communication, and facilitation skills.

Comfortable collaborating with internal stakeholders and external customers.
This position is open to all candidates.
 
Show more...
הגשת מועמדותהגש מועמדות
עדכון קורות החיים לפני שליחה
עדכון קורות החיים לפני שליחה
8731956
סגור
שירות זה פתוח ללקוחות VIP בלבד
סגור
דיווח על תוכן לא הולם או מפלה
מה השם שלך?
תיאור
שליחה
סגור
v נשלח
תודה על שיתוף הפעולה
מודים לך שלקחת חלק בשיפור התוכן שלנו :)
14/06/2026
חברה חסויה
Location: Tel Aviv-Yafo
Job Type: Full Time
Were looking for a driven, motivated, and ambitious GRC Specialist to join our growing Security team . Here, were redefining how security teams operate - not by buying more tools, but by building smarter, AI-driven programs from the ground up. As our GRC Specialist, you'll own the compliance programs that underpin trust with our customers and partners, while actively shaping how we use AI and automation to make compliance faster, more rigorous, and less manual. This isn't a checkbox role. It's a builder role for someone who sees compliance as a competitive advantage and AI as the engine to get there.
Responsibilities:
Compliance Program Ownership
Own and lead security compliance programs across SOC 2, ISO 27001, C5 BSI, and ISO 42001, ensuring continuous readiness and alignment with evolving requirements.
Lead the scoping, planning, and implementation of new compliance frameworks as the business scales into new markets and regulatory environments.
Act as the primary point of contact for audits - managing evidence collection, auditor relationships, and remediation tracking end-to-end.
AI-Driven Compliance Operations
Design and operate continuous compliance monitoring programs leveraging AI and automation - replacing point-in-time snapshots with real-time assurance.
Build internal AI-powered tooling and workflows (in partnership with the AI Transformation Lead) to automate evidence gathering, control validation, and risk signal aggregation.
Evaluate and adopt emerging AI compliance methodologies, including AI-specific frameworks like ISO 42001, and translate them into actionable internal programs.
Risk & Vendor Management
Manage the third-party risk program (TPRM), including vendor assessments, security questionnaires, and ongoing monitoring of the vendor landscape.
Maintain and actively drive the risk register in close collaboration with the CISO, ensuring risks are tracked, owned, and remediated on time.
Policy & Culture
Develop and maintain security policies, standards, and procedures that are practical, current, and aligned with both compliance requirements and business objectives.
Drive security awareness training across the organization and champion secure development practices in collaboration with engineering and product teams.
Cross-functional Collaboration
Serve as a trusted partner to the CISO, Information Security Manager, HR, Legal, and AI Transformation Lead on matters of risk, compliance, and security governance.
דרישות:
A self-starter mindset: comfortable with ambiguity, able to set priorities without heavy direction, and capable of building structure where none exists.
Demonstrated ability to build compliance and security programs from scratch, not just maintain inherited ones.
2+ years of hands-on experience in information security and GRC, ideally in a fast-moving SaaS or tech environment.
Deep familiarity with major frameworks and regulations - SOC 2, ISO 27001, NIST, CIS, DORA, GDPR, and related standards.
Practical experience with security and IT tooling across cloud environments (AWS, Azure, or GCP), application security, and infrastructure security.
Exposure to SOC (cybersecurity operations center) environments and cybersecurity incident response.
Strong written and verbal communication skills - able to translate technical risk into clear language for executives, auditors, and non-technical stakeholders.
Hands-on experience with IT and Security tools
AI Orientation (Non-Negotiable)-
Genuine curiosity and working knowledge of AI tools, LLMs, and automation - you've used them, not just read about them.
Experience building or operating AI-assisted workflows for compliance, risk, or security operations is a strong plus.
Ability to think critically about AI risk, including how to govern and assess AI systems under frameworks like ISO 42001.
Visionary outlook: you see the 2-year horizon where AI has transformed how GRC functions and you want to be the person who builds that future המשרה מיועדת לנשים ולגברים כאחד.
 
Show more...
הגשת מועמדותהגש מועמדות
עדכון קורות החיים לפני שליחה
עדכון קורות החיים לפני שליחה
8692757
סגור
שירות זה פתוח ללקוחות VIP בלבד
סגור
דיווח על תוכן לא הולם או מפלה
מה השם שלך?
תיאור
שליחה
סגור
v נשלח
תודה על שיתוף הפעולה
מודים לך שלקחת חלק בשיפור התוכן שלנו :)
2 ימים
חברה חסויה
Location: Petah Tikva
Job Type: Full Time and Hybrid work
Serving as a vCISO for client organizations - owning their security strategy, roadmap, and executive reporting.
Leading and executing cross-organizational Cyber security consulting projects at our customers.
Conducting procedural and technological cyber risk assessments and designing remediation plans.
Leading regulatory compliance projects and audits for international organizations, in line with global and local Cyber security and privacy frameworks.
Drafting information security policies, procedures, and guidelines.
Advising on security solutions and architecture, and delivering client training on security practices and risk mitigation.
Presenting expert-level deliverables to technical and executive audiences, and maintaining client relationships and satisfaction.
Requirements:
At least 2 years of accumulated knowledge and experience in areas such as IT and Security.
Knowledge of diverse information security systems.
Familiarity with various standards, regulations, and security methodologies, such as ISO27K.
Experience in security project management and in leading organizations' security programs.
Fluent Business English (reading, writing, and speaking).
Excellent interpersonal and presentation skills with proven client-facing experience.
Ability to work independently on multiple parallel projects under tight deadlines.
Relevant certifications such as CISSP, CISM, CRISC, OSCP, CEH, or GSEC - an advantage.
Experience with authentication protocols, Active Directory, Microsoft 365, Azure, and AWS environments - an advantage.
Familiarity with attack tools and information security architecture - an advantage.
This position is open to all candidates.
 
Show more...
הגשת מועמדותהגש מועמדות
עדכון קורות החיים לפני שליחה
עדכון קורות החיים לפני שליחה
8729453
סגור
שירות זה פתוח ללקוחות VIP בלבד