GRC Program manager

Description

We are seeking a GRC- Governance, Risk, and Compliance Program manager, with a specialization in user and data management to join our GRC Team within the Security department.

This is a fantastic opportunity to be part of a growing team, collaborating closely with technical and process-oriented stakeholders to support the company's growth on a large scale. If you're a collaborative team player, a creative thinker, passionate about cybersecurity, and capable of blending a process-oriented mindset with a tech-oriented outlook, keep reading!

About The Role

As a GRC Program manager, your responsibilities will include:

• Crafting a robust and scalable identity and data protection strategy for the company to accommodate its rapid growth.
• Establishing cross-company user management processes for employees and external parties, building controls and alerts for our main user management processes such as onboarding, offboarding, role changes, and leaves, to bolster security and compliance initiatives (e.g., SOX, SOC, PCI) and enhance our security posture.
• Mapping critical assets ("crown jewels") and implementing comprehensive Data Loss Prevention (DLP) processes. This involves monitoring external shares of company data and assets and enforcing restrictions on accessing sensitive applications and environments.
• Continuously assessing and managing risks associated with third parties, including information systems, extensions, and service providers. Create and enhance relevant processes as needed.
• Serving as a focal point for complex issues in the domain, simplifying challenging tasks, and making them achievable.
• Leading complex projects within your domain and across departments, collaborating with various stakeholders (technical and non-technical) to ensure alignment with security requirements and best practices.
• Proposing automation and process improvements to enhance organizational efficiency, speed, and security.
• Identifying and addressing gaps and exceptions, implementing compensatory controls where necessary.
• Handling other team-related responsibilities as required.
  
  

Requirements

We’re looking for:

• Minimum of 5 years of relevant experience in a global SaaS company (or equivalent) working in-house in GRC, information security, information systems & data management, or similar roles.
• A broad organizational perspective coupled with a deep technical understanding and the ability to manage end-to-end complex cross-company projects.
• Strong familiarity with security principles, best practices, and methodologies.
• Exceptional organizational skills and the capacity to manage multiple tasks concurrently.
• Proficiency in collaborating and leading various stakeholders in a respectful and open manner.
• A strong sense of ownership, a proactive mindset, and a high level of responsibility.
• Professionalism, attention to detail, proactiveness, and motivation.
• A "can-do" attitude, a creative problem-solving approach, and the ability to work both independently and as part of a team.
• Excellent communication skills in both Hebrew and English, both written and verbal.
  
  

Additionally, please note that while this role requires the ability to construct technical processes and oversee various controls, it is not a hands-on IT position.

Social Description

We are seeking a Senior Governance, Risk, and Compliance (GRC) Specialist with a specialization in user and data management to join our GRC Team within the Security department.

This is a fantastic opportunity to be part of a growing team, collaborating closely with technical and process-oriented stakeholders to support the company's growth on a large scale. If you're a collaborative team player, a creative thinker, passionate about cybersecurity, and capable of blending a process-oriented mindset with a tech-oriented outlook, keep reading!