GRC Manager

We are seeking a dynamic and experienced GRC Manager to join our Cyber Risk Department. In this leadership role, you will oversee teams, manage critical processes, and drive strategic cybersecurity and compliance initiatives for leading organizations in the Israeli market.

Key Responsibilities

• Team Leadership:
• Lead, mentor, and develop a team of GRC and cybersecurity professionals, fostering a collaborative and high-performance environment.
• Project & Process Management:
• Direct the planning, execution, and delivery of information security, privacy, and business continuity projects, ensuring client satisfaction and successful outcomes.
• Cyber Risk Assessment:
• Oversee comprehensive cyber risk assessments, translating technical findings into actionable business recommendations.
• Security Maturity & Remediation:
• Design and implement security maturity programs and remediation plans, monitoring progress and driving continuous improvement.
• Regulatory Compliance:
• Ensure compliance with international and local standards (ISO27001, NIST, GDPR, Israeli privacy laws), including audit readiness and regulatory engagement.
• Internal Audit Collaboration:
• Partner with internal audit teams to support annual board audit plans and strengthen organizational governance.
• Stakeholder Engagement:
• Communicate project status, risk insights, and recommendations to senior management and key stakeholders in both Hebrew and English.
• 5–6 years in information security, risk management, privacy, and compliance, including proven team and project management experience.
• Regulatory Expertise:
• Deep knowledge of privacy and information security regulations and best practices (SOC2, GDPR, ISO27001, Israeli privacy laws).
• Risk Methodologies:
• Hands-on experience with risk assessment methodologies and frameworks.
• Communication Skills:
• Exceptional oral and written communication and presentation skills in Hebrew and English.
• Advantages:
• Professional certifications such as CISO, CISSP, or CISM.
• Experience with cloud security methodologies and relevant certifications.