Join our multidisciplinary GRC team within the Cybersecurity Department, responsible for leading the organization's Governance, Risk & Compliance domains. We're looking for a highly capable and adaptable professional with broad expertise across multiple areas — no narrow specialization required — and a proactive approach to evolving organizational needs.

🛡️ Key Responsibilities:

• Evaluate regulatory compliance and lead gap mitigation programs

• Develop and manage ISO compliance programs in areas such as InfoSec, incident management, privacy, and cloud risk

• Write and maintain organizational policies and cybersecurity/privacy standards

• Monitor implementation of procedures and conduct ongoing compliance reviews

• Track regulatory changes and assess organizational impact

• Lead internal and external audits, and maintain communication with regulators

• Manage InfoSec awareness programs including training, e-learning, campaigns, and phishing simulations

• Conduct and lead risk assessments for business processes and systems; document findings and monitor remediation

• Oversee cyber risk in the supply chain: develop and implement SCRM processes, guide vendor security management, review annual vendor reports, and manage security questionnaires

• Collaborate with various departments: infrastructure, digital, procurement, legal, risk management, and business units

• Actively participate in privacy and information security committees and forums

✅ Requirements:

• 4+ years of hands-on experience in GRC roles

• Proven experience in drafting policies and compliance documentation

• Deep understanding of international regulatory frameworks and standards (e.g., ISO 27001/27799/27701/27017/27035, GDPR, NIST, SOC 2)

• Strong familiarity with Israeli regulatory frameworks (Privacy Protection Law, MoB regulations on cybersecurity, risk management, supply chain)

• Experience conducting risk assessments for business processes and IT systems

• Knowledge and practice in cyber or operational risk management

• Experience leading internal and external InfoSec audits and compliance processes

• Proven ability to develop and manage information security awareness programs and training

📢 Ready to make an impact in a high-stakes, high-visibility role?

Apply now and help shape the cybersecurity and compliance landscape of a leading organization!