Cyber Security Risk & Compliance Specialist

About us

At Bank esh, we don’t just think about what the future of banking will look like - we’re building it.

Our mission is to create a smart, efficient, and transparent banking experience that uses advanced technology to build genuine trust between people and their bank.We’ve already taken the first step: In December 2022, we were granted our license as a “bank in formation,” and we are now moving full speed ahead toward launching Israel’s new digital bank.

Join a team that’s not just building a bank - but shaping the future of finance.

Job Descriptio

nAs a key member of the CISO’s office, you will play a vital role in ensuring organizational resilience through risk management, policy enforcement, and compliance with stringent financial regulations. This position focuses on providing high-level oversight of technological processes, supporting complex projects, and continuously enhancing the organization's defense posture

.
Responsibiliti

• esGRC & Policy Leadership: Writing, implementing, and updating information security policies and procedures. Ensuring alignment with banking standards and regulatory requirements (e.g., Directive 364
• ).Risk Assessment (CRA): Performing comprehensive cyber risk assessments for new systems and technological initiative
• s.Oversight & Monitoring: Analyzing SIEM/SOC findings and technical risks. Providing guidance to implementation teams to improve detection capabilities and log managemen
• t.External Audit Management: Defining the scope and managing third-party security audits. Analyzing findings and tracking remediation effort
• s.Security Benchmarking: Conducting comparative analysis of security products and general software from an information security perspectiv
• e.Detection Strategy: Formulating recommendations for log optimization, defining new alerts, and evaluating the effectiveness of existing control tool
• s.Strategy & Awareness: Building the annual information security work plan, leading cyber simulations, and conducting organizational security awareness trainin

g.
Requireme

• ntsProfessional Experience: 5+ years of experience in GRC, information systems auditing, or cyber risk manageme
• nt.Risk Management Expertise: At least 4 years of hands-on experience in risk assessments or IT auditi
• ng.Financial/Regulatory Background (Mandatory): Proven experience working in a regulated financial/banking environment under strict supervision (e.g., Proper Conduct of Banking Busines
• s).Technical Understanding (Oversight Level): Ability to review security configurations, read logs, and understand network architectures (hands-on configuration is not require
• d).Exceptional Communication: High-level writing and drafting skills for complex procedures, official policies, and executive repor
• ts.AI Proficiency: Practical experience using AI tools (e.g., ChatGPT, Claude, Copilot) to optimize workflows, technical writing, or data analys
• is.Cloud Security: Familiarity with cloud security methodologies (Shared Responsibility Model) and SaaS/IaaS risk factors - an advant
• ageAI Security: Initial familiarity with GenAI risks and mitigation (e.g., OWASP Top 10 for LLMs) - an advant
• ageBenchmarking: Experience in performing Proof of Concept (POC) and comparative analysis of security products - an advant
• ageCertifications: CISM, CISA, or CISSP - Significant Advanta

ge.Bank esh is proud to be an equal opportunity employ

er.We are committed to providing equal employment opportunities regardless of race, color, origin, religion, gender, nationality, sexual orientation, age, marital status, disability, or gender identi