לוח משרות דרושים מומחה אבטחת מידע / סייבר

This role oversees security governance, risk management, compliance, and incident readiness, while working closely with engineering, product, legal, MIS and other teams to embed security across the organisation and support customer trust and business growth.
Key Responsibilities
Develop and maintain the companys information security strategy, policies, and long-term roadmap. Both for production environments and for internal business by overseeing security of enterprise systems.
Lead security risk assessments, mitigation planning, and ongoing security monitoring.
Lead incident response planning, preparedness, and execution.
Manage security governance, including controls, documentation, and audit readiness.
Ensure compliance with relevant standards and regulations such as SOC 2, ISO 27001, GDPR, and emerging AI frameworks.
Direct security architecture reviews and support secure development practices across product and engineering teams.
Ensure security is integrated into engineering culture and delivery without hindering velocity, while aligning platform security with engineering practices and production resiliency requirements.
Oversee vendor security, penetration testing, and third-party risk management.
Serve as the primary security contact for customers, partners, auditors, and regulators, and own the security aspects of the companys products, in alignment with business and customers needs.
Provide regular updates to executive leadership on security posture, risks, and priorities.

Are you ready to evolve from a GRC Specialist into a strategic leader? We are looking for a high-potential GRC Specialist to join Fiverr. As a GRC at Fiverr you will be responsible for aligning Fiverr’s security compliance and regulatory requirements. You will be responsible for preparing the business for certifications and regulations. You will verify that existing controls are adequate and define and oversee the implementation of new security controls. In addition, you will be responsible for) Risk management, employee awareness and Vendor Security assessment. You will devise new policies and update existing ones while aligning with business processes.


What am I going to do?:

* Oversee the company's security GRC program.
* Lead annual certifications (ISO 27001, SOX-ITGC) and prepare for security audits (e.g., PCI DSS).
* Third-party risk management.
* Develop policies and guidelines aligned with security best practices for complex environments.
* Conduct risk management and build plans to mitigate risks while engaging stakeholders.
* Collaborate with IT, Legal, HR, Finance, and security teams to address gaps versus best practices.
* Drive the security awareness program and explore strategies to enhance the security posture.


Equal opportunities:
At Fiverr, we prioritize diversity. We celebrate difference and embed it into every aspect of our workplace and product, as well as our community. Fiverr is proud and committed to providing equal opportunity employment to all individuals regardless of race, color, religion, sex, sexual orientation, citizenship, national origin, disability, Veteran status, or any other characteristic protected by law. In addition, Fiverr will provide accommodation to individuals with disabilities or a special need.