דרושים » אבטחת מידע וסייבר » Information Security Consultant (GRC) and Privacy Specialist

The Cyber Security team is looking for a highly motivated GRC Specialist to join our team and take ownership of our Governance, Risk & Compliance program.
In this role, youll work closely with the CISO and cross-functional teams to embed security and compliance into everything we do. enabling the business to scale securely while meeting regulatory and customer expectations.
This is a high-impact position for someone who thrives in dynamic environments and wants to build, improve, and influence how security is managed across the organization.
What will you be doing:
Own and lead the organizations Governance, Risk & Compliance (GRC) program
Reporting the CISO to define and execute a GRC strategy aligned with business objectives and risk appetite
Develop, implement, and maintain security policies, standards, and procedures aligned with industry best practices and regulatory requirements
Lead and manage risk assessment processes across cybersecurity, IT, third-party, and operational domains
Maintain and actively manage the risk register, ensuring risks are identified, prioritized, tracked, and remediated
Drive and manage compliance programs (e.g., ISO 27001, NIST, CIS, GDPR), ensuring continuous audit readiness
Lead internal and external audits end-to-end, including evidence collection, auditor coordination, and remediation tracking
Manage third-party risk (TPRM), including vendor security assessments, questionnaires, and ongoing monitoring
Support product and engineering teams by integrating security and compliance requirements into new features and systems
Build and deliver risk and compliance reporting, including dashboards, KPIs, and executive-level insights
Translate technical risks into clear, business-relevant communication for leadership and stakeholders
Drive security awareness initiatives and promote a security-first culture across the organization

We are looking for a GRC Specialist to support our Governance, Risk, and Compliance (GRC) program, reporting directly to the CISO.

This is a hands‑on, execution‑focused role responsible for maintaining and scaling our compliance posture, reducing audit friction, addressing vendor risk, and supporting the integration of newly acquired companies into our security and compliance frameworks.

You will work closely with Security Engineering, IT, Legal, Privacy, Sales/Revenue, Procurement, Product, HR, and other business stakeholders to ensure security controls, compliance activities, and risk management processes are practical, effective, and aligned with business needs.


The day‑to‑day:
Lead audit preparation and ongoing compliance maintenance for frameworks such as SOC 2 / SOC 3, ISO 27001, ISO 27701, ISO 22301, NIST, and GDPR, including evidence collection, gap tracking, and remediation coordination.
Own and execute vendor and third‑party security assessments, helping reduce backlog and improve risk visibility across suppliers and partners.
Respond to customer security questionnaires and audits, partnering with Sales and Security teams to support deal velocity and customer trust.
Support the integration of newly acquired companies into our security, risk, and compliance programs, including gap assessments and remediation planning.
Maintain and improve the ISMS, governance processes, policies, standards, and procedures.
Act as a central point of contact for internal security and compliance inquiries from business and technical teams.
Support the administration and continuous improvement of GRC and compliance tooling, including workflows, evidence management, and reporting.
Contribute to the Security Awareness Program and cross‑organizational education efforts.

The perks:
Hybrid, flexible work environment.
Extended private health (including mental) insurance.
Personal and professional development programs.
Occasional Cross company long weekends.

At our company, we move fast. Were an ultra-collaborative company with brilliant people who care deeply about the details. Together, were solving interesting and complex puzzles to keep the worlds data safe.
We work in a flexible, hybrid model, so you can choose the home-office balance that works best for you.
Job Overview:
We are seeking a highly skilled and experienced Security GRC Specialist to join our team. This position reports directly to the GRC Manager, as part of the CISO group. The ideal candidate should have a strong background in GRC, with a proven track record of successfully implementing GRC programs. This role requires a diligent professional who thrives in a fast-paced environment and can manage multiple priorities while maintaining attention to detail.
Key Responsibilities:
Develop, implement, and maintain GRC frameworks, policies, and procedures.
Manage ISO 27001/ISO27017/ISO27018 compliance by conducting gap analyses, maintaining ISMS documentation, and coordinating audits to ensure ongoing certification.
Respond to customer due diligence requests and support the review of security and compliance clauses in customer and vendor contracts,
Conduct third-party risk assessments and identify potential security threats and vulnerabilities.
Manage and maintain the GRC platform to ensure accurate compliance monitoring, documentation, and audit support
Collaborate with cross-functional teams to integrate GRC initiatives into business processes.
Provide guidance and support to internal stakeholders on GRC-related matters.
Stay up to date with industry trends and emerging threats to continuously improve the GRC program.

Are you ready to evolve from a GRC Specialist into a strategic leader? We are looking for a high-potential GRC Specialist to join our company.
As a GRC at our company you will be responsible for aligning our companys security compliance and regulatory requirements. You will be responsible for preparing the business for certifications and regulations. You will verify that existing controls are adequate and define and oversee the implementation of new security controls. In addition, you will be responsible for) Risk management, employee awareness and Vendor Security assessment. You will devise new policies and update existing ones while aligning with business processes.
What am I going to do?
Oversee the company's security GRC program.
Lead annual certifications (ISO 27001, SOX-ITGC) and prepare for security audits (e.g., PCI DSS).
Third-party risk management.
Develop policies and guidelines aligned with security best practices for complex environments.
Conduct risk management and build plans to mitigate risks while engaging stakeholders.
Collaborate with IT, Legal, HR, Finance, and security teams to address gaps versus best practices.
Drive the security awareness program and explore strategies to enhance the security posture.

Are you ready to evolve from a GRC Specialist into a strategic leader? We are looking for a high-potential GRC Specialist to join Fiverr. As a GRC at Fiverr you will be responsible for aligning Fiverr’s security compliance and regulatory requirements. You will be responsible for preparing the business for certifications and regulations. You will verify that existing controls are adequate and define and oversee the implementation of new security controls. In addition, you will be responsible for) Risk management, employee awareness and Vendor Security assessment. You will devise new policies and update existing ones while aligning with business processes.


What am I going to do?:

* Oversee the company's security GRC program.
* Lead annual certifications (ISO 27001, SOX-ITGC) and prepare for security audits (e.g., PCI DSS).
* Third-party risk management.
* Develop policies and guidelines aligned with security best practices for complex environments.
* Conduct risk management and build plans to mitigate risks while engaging stakeholders.
* Collaborate with IT, Legal, HR, Finance, and security teams to address gaps versus best practices.
* Drive the security awareness program and explore strategies to enhance the security posture.


Equal opportunities:
At Fiverr, we prioritize diversity. We celebrate difference and embed it into every aspect of our workplace and product, as well as our community. Fiverr is proud and committed to providing equal opportunity employment to all individuals regardless of race, color, religion, sex, sexual orientation, citizenship, national origin, disability, Veteran status, or any other characteristic protected by law. In addition, Fiverr will provide accommodation to individuals with disabilities or a special need.

we are seeking a Cybersecurity Architect (GRC & Risk) to join our cybersecurity architecture team. In this role, you will lead security governance, risk, and control assessments, conduct third-party due diligence, support maturity assessments, and drive mitigation and architectural review processes. Youll work closely with CISOs, security leaders, engineering teams, and customers to develop risk-focused methodologies and improve security frameworks. This position is best suited for candidates with a technical GRC, risk, or security assessment background who excel in analysis, interpretation, and structuring of security information.

Responsibilities
Lead customer third‑party security due diligence assessments.
Lead mitigation workshops to translate penetration test and assessment findings into prioritized remediation workplans.
Perform security maturity assessments, including reviews of organizational policies, standards, procedures, and governance practices, aligned with the NIST CSF 2.0 cybersecurity framework.
Develop and refine security methodologies, processes, and architectural guidance.
Maintain internal documentation and ensure alignment between frameworks, processes, and practical implementation.
Analyze technical findings and map them to governance, risk, and control gaps.
Produce clear, structured reports and executive‑ready summaries for technical and non‑technical audiences.

We are seeking a highly skilled and experienced Head of Application Security to join our dynamic team. This role is pivotal in driving the security of our software development lifecycle and ensuring the robustness of our applications against potential threats. The ideal candidate will have a strong background in secure software development practices, including SSDLC implementation, and a deep understanding of security risks & tools. This position reports directly to an R&D VP.
Key Responsibilities
Lead the application security team, providing strategic direction and mentorship.
Develop and implement a comprehensive Secure Software Development Lifecycle (SSDLC) framework.
Oversee the integration of security practices into all phases of the software development lifecycle, including CI/CD guardrails.
Conduct risk assessments and threat modeling to identify and mitigate potential security vulnerabilities.
Collaborate with development teams to ensure secure coding practices and adherence to security standards, while maintaining developer productivity.
Implement and manage security automation tools and processes to enhance the efficiency of security operations.
Stay up-to-date on the latest security trends, vulnerabilities, and technologies to continuously improve our security posture.
Provide expert guidance on security architecture and design for new and existing applications.
Lead incident response efforts related to application security breaches and vulnerabilities.
Foster a culture of security awareness and continuous improvement within the organization.

We are looking for a
Junior IT SecOps Specialist
with
at least 1-2 years of hands‑on experience
in security operations or IT security. The role is ideal for someone who already has foundational security skills and wants to grow into advanced SecOps responsibilities while working alongside experienced specialists within Kornits global hybrid environment.

This position aligns with the responsibilities defined for the SecOps team, including monitoring, incident response, and implementation of security technologies
What will you do?
Security Platforms & Daily Operations
Assist in operating and maintaining security solutions such as EDR/EPP, MFA, NAC, IPS, and secure DNS platforms.
Support onboarding and configuration tasks for new or existing security tools.
Perform routine health checks on security systems and escalate anomalies as needed.
Monitoring, Detection & Incident Handling
Monitor alerts and events from security platforms.
Perform first‑level triage, document findings, and escalate incidents to senior SecOps members
Participate in remediation activities with guidance (e.g., addressing misconfigurations or legacy system exposures similar to past findings)
Infrastructure Hardening & Compliance Support
Assist in applying IT security standards and guidelines across systems and environments.
Support the implementation of secure configurations for endpoints, servers, and cloud workloads under supervision.
Team Collaboration
Work closely with the CISO and senior SecOps team to support ongoing security initiatives and improvements
Collaborate with IT Infrastructure, Network, and Cloud teams to troubleshoot and secure operational environments.