Trax is looking for an independent and highly motivated GRC Specialist to be part of a global, dynamic, and fast-growing environment. This role includes responsibility for governance, risk & compliance processes and activities. He or she is expected to be an autodidact with a strong affinity for cloud-based technologies.
We offer:
* Working on state-of-the-art technologies with amazing people
* Learning & development opportunities
* Global work environment, diverse & inclusive company
* Amazing office in central Tel-Aviv
Join our exciting journey!!
Responsibilities:
What to expect in this role (what your day-to-day will look like)
* Evaluate and develop Information Security policies, standards, procedures, and guidelines
* Risk management program development, execution, and compliance monitoring
* Assess security controls effectiveness, KRIs and KPIs, and document compliance gaps
* Collect evidence from various systems and processes and document according to standards
* Lead supplier risk assessment activities
* Lead security awareness activities
* Lead GRC solutions implementations and policy enforcement
* Lead external audit activities such as ISO 27001, SOC2, SOX (ITGC)
* Perform security assessments and update the risk ledger
* Participate in customer engagements, meetings, RFIs, RFPs and questionnaires
* Participate in incident and crisis management forums
* Lead project security reviews and compliance monitoring
* Engage with engineering for vulnerability management & secure software development compliance
* Prepare progress and readiness reports
Education:
* CISA/CISM/CISSP certified - Bonus
Key Competencies:
* Communicate technical information effectively (verbal, written) to a wide range of target audiences
* Thorough, precise & consistent
* Trusted
* Team player, friendly approach & service-oriented.
* Adaptive
City:
Tel Aviv - Yafo
Requirements:
* Strong technological background in networking, infrastructure, cloud, endpoints, and identity areas
* 3-4 years of experience as a GRC specialist or in similar positions and background - Mandatory
* 3-4 years of experience and technological knowledge in various security domains - Mandatory
* Profound knowledge and experience of ISO 270XX and 22301 standards - Mandatory
* Profound knowledge and experience of SOC2 audits and requirements - Mandatory
* Profound knowledge and experience of SOX (ITGC) audits and requirements - Mandatory
* Profound knowledge and experience of GDPR and privacy regulations - Mandatory
* Familiar and experienced with BCP/DRP program requirements - Bonus
* Familiar and experienced with GRC security solutions - Big bonus
* Familiar and experienced with vulnerability management solutions - Bonus
* Familiar and experienced with penetration testing engagements - Bonus
* Up to date with the latest technologies, attacks, and security trends - Bonus
* Good presentation skills - Mandatory
* Good office applications skills - Mandatory
* Good documentation skills - Bonus
* Excellent English, both written and spoken
This position is intended for women and men alike.