GRC Specialist

Why Join Us?

As a GRC Specialist at Check Point Software Technologies, you will play a meaningful role in shaping how one of the world's leading cybersecurity companies operates and scales its compliance posture.

You will work closely with the Head of Security and Compliance and the CISO, and cross-functional teams including R&D, DevOps, Legal, and MIS — taking ownership over maintaining and expanding our compliance posture, managing vendor risk, and driving policy implementation across the organization, and helping transform complex challenges into clear, structured outcomes.

Key Responsibilities

Responsibilities

• Manage and support ongoing SOC 2 Type II and ISO 27001 audit cycles, evidence collection, control testing, and remediation tracking across multiple cloud products and service lines
• Own vendor risk management, conduct third-party security assessments, maintain vendor inventory, and track remediation
• Develop, review, and maintain security policies and procedures aligned with industry frameworks (ISO 27001, SOC 2, FedRAMP, C5, ISMAP, IRAP,PCI DSS, and more)
• Assist Legal and DPO with GDPR and other privacy matters
• Respond to customer security questionnaires (RFIs, periodic reviews) accurately and efficiently
• Support risk assessment processes — identify, analyze, and track organizational risks with clear mitigation plans
• Manage compliance evidence in our GRC platform and ensure continuous monitoring and automated evidence collection
• Collaborate with engineering and product teams on security requirements for new features and integrations
• Track and report on compliance metrics and KPIs to the CISO and leadership
  
  

• Take full ownership over your scope and operate independently
• Deliver consistent, high-quality outcomes with minimal friction
• Proactively identify gaps, inefficiencies, or areas of improvement and address them
• Build strong working relationships across teams based on trust and accountability
• Contribute to a calmer, more predictable, and better-organized compliance environment
  
  

• 3+ years of experience in GRC, information security compliance, or security audit roles
• Hands-on experience with SOC 2 and/or ISO 27001 audit processes — you've managed evidence collection and worked directly with auditors
• Strong understanding of risk management frameworks (NIST CSF, ISO, or equivalent)
• Experience conducting vendor security assessments and managing third-party risk
• Working knowledge of GDPR and data privacy compliance requirements
  
  

• Detail-oriented with strong organizational skills — able to manage multiple audit workstreams simultaneously across a large product portfolio
• Excellent written and verbal communication in English
  
  

• FedRAMP experience — familiarity with the FedRAMP authorization process, documentation development, control implementation, or 3PAO assessments is a significant differentiator as Check Point continues to grow its federal compliance footprint
• Experience with cloud security compliance in AWS and/or Azure and GCP environments
• Relevant certifications: CISA, CRISC, ISO 27001 Lead Auditor, or similar
• Experience working in a large-scale enterprise SaaS or cybersecurity company with a broad, multi-certification compliance program
• Familiarity with GRC platforms and compliance automation tools