עדיין מחפשים עבודה במנועי חיפוש? הגיע הזמן להשתדרג!
במקום לעבור לבד על אלפי מודעות, Jobify מנתחת את קורות החיים שלך ומציגה לך רק משרות שבאמת מתאימות לך.
מעל 80,000 משרות • 4,000 חדשות ביום
חינם. בלי פרסומות. בלי אותיות קטנות.
GRC Specialist
Location: Airport City, Israel | Full-Time
We are looking for a GRC Specialist to join our Information Security team and lead governance, compliance, vendor risk management, and information security risk activities across the organization.
In this role, you will work closely with the CISO and cross-functional teams to implement security policies, maintain regulatory compliance, and strengthen the organization's security posture.
This is an excellent opportunity for professionals at the beginning of their cybersecurity journey who are looking to grow in a dynamic technology environment while gaining hands-on experience in security governance, risk management, compliance, and third-party risk management.
Key Responsibilities
- Lead and manage Governance, Risk & Compliance (GRC) activities across the organization.
- Drive and maintain compliance programs aligned with standards and regulations such as ISO 27001, Israeli Privacy Protection Law, GDPR, and other relevant frameworks.
- Manage Supply Chain Risk Management (SCRM) processes, including vendor classification, security assessments, due diligence reviews, and onboarding activities.
- Plan and support internal and external audits related to cybersecurity, privacy, and regulatory compliance, including risk assessments, penetration tests, and security questionnaires.
- Lead cybersecurity awareness and security culture initiatives throughout the organization.
- Monitor regulatory changes and assess their impact on business operations and security requirements.
- Develop, review, and maintain information security policies, procedures, and standards.
- Collaborate closely with Infrastructure, Digital, Legal, Procurement, and Business teams to ensure security and compliance requirements are effectively implemented.
- Support information security and privacy risk assessments across business processes and track remediation plans to reduce identified risks.
Requirements
- 1–3 years of experience in GRC, IT Risk Management, Information Security Compliance, Internal Audit, or related fields.
- Familiarity with regulatory and compliance frameworks such as ISO 27001, GDPR, and privacy regulations.
- Understanding of Third-Party Risk Management (TPRM) / Supply Chain Risk Management (SCRM) processes, including vendor assessments and security controls within procurement and contracting workflows.
- Knowledge of risk management methodologies (cybersecurity and/or operational risk).
- Strong analytical thinking and problem-solving skills.
- Ability to work effectively in a fast-paced, cross-functional environment while managing multiple priorities.
- Strong written and verbal communication skills in English.
Nice to Have
- Basic familiarity with cloud environments such as AWS.
- Experience with GRC platforms and compliance automation tools.
- Hands-on experience with AI tools such as Claude and the ability to build automated workflows for evidence collection, reporting, and process optimization.
- Relevant certifications or training, such as CISA, ISO 27001 Lead Implementer/Auditor, or equivalent.
במקום לעבור לבד על אלפי מודעות, Jobify מנתחת את קורות החיים שלך ומציגה לך רק משרות שבאמת מתאימות לך.
מעל 80,000 משרות • 4,000 חדשות ביום
חינם. בלי פרסומות. בלי אותיות קטנות.