Still looking for a job through search engines? Time to upgrade!
Instead of going through thousands of listings on your own, Jobify analyzes your résumé and shows you only the jobs that truly fit you.
Over 80,000 jobs • 4,000 new ones every day
Free. No ads. No fine print.
We are a rapidly growing private Global B2B fintech company that operates as a technology-based master vendor to make purchasing fast and easy for corporate enterprise buyers. Recognized in the ProcureTech 100 for Procurement Innovation, our SaaS Platform and accompanying services digitize and streamline the buying experience while increasing transparency and compliance for leading companies around the globe. We are available in 40 countries with clients across industries in the Global 2,000 using Candex to engage and pay their suppliers quickly, compliantly, and at scale. Candex has raised over $40M from leading investors including JP Morgan, American Express, Altos, Craft, and NFX.

Responsibilities

As an Information Security Manager, you will play a pivotal role in creating and executing a robust information security program that aligns with industry best practices and compliance standards. You will collaborate with cross-functional teams spanning HR, IT, Cloud Ops, Legal, Privacy, and beyond, to ensure a holistic approach to security. Your expertise will be crucial in maintaining and enhancing our security posture while driving us towards advanced security certifications, such as SOC2 and CSA.

The ideal candidate should be experienced in managing the response to Requests for Information (RFIs) and Security questionnaires from clients and third-party vendors. They should have knowledge of information security controls, risk management frameworks, and regulatory compliance requirements, and be able to communicate effectively with stakeholders to provide comprehensive and accurate responses to inquiries. Specific tasks include, without limitation:
- Manage security and privacy audits, such as ISO 27001, including collecting evidence, collaborating with stakeholders and reporting to external auditors.
- Manage security tests (SAST/DAST/PT) in accordance with the OWASP Top 10, evaluate findings and manage the mitigation plan and response.
- Managing internal policies for monitoring compliance, and developing training programs for cybersecurity awareness.
- Managing the third-party vendor risk management program.
- Manage all InfoSec Questionnaires, including drafting initial responses to technical questions, tracking all deliverables, deadlines, status, and outcomes, and escalating questions cross-functionally
- Collaborate with the sales department on RFPs/RFIs and participate in InfoSec due diligence calls with clients
- Build a methodical approach for completing RFIs using AI-assisted knowledge base SaaS tools
- Build a methodical approach using AI-assisted knowledge base SaaS tools containing updated information on our information security and compliance.
- 5+ years of experience in a similar role in IT infrastructure, networking and systems
- Knowledge of security protocols and common practices
- Excellent written and verbal communications skills
- Ability to write copy in English that is clear, concise and compelling about a variety of legal and public policy issues
- Ability to juggle priorities, meet deadlines, and work with grace under pressure
- Deep understanding of relevant regulations, such as GDPR, CCPA and similar privacy frameworks, as well as information security industry standards, such as ISO 27001 and NIST
- Experience in identifying and mitigating risks related to financial processes, such as money laundering, fraud, and cybersecurity.
- We are humble, hungry, intelligent and collaborative
- A flexible working environment
- We offer scalable benefits, rewards, and perks; our total rewards programs reflect our commitment to inclusivity and access for all.
- Team-building offsites and outings