עדיין מחפשים עבודה במנועי חיפוש? הגיע הזמן להשתדרג!
במקום לעבור לבד על אלפי מודעות, Jobify מנתחת את קורות החיים שלך ומציגה לך רק משרות שבאמת מתאימות לך.
מעל 80,000 משרות • 4,000 חדשות ביום
חינם. בלי פרסומות. בלי אותיות קטנות.
About The Role
monday.com is looking for a GRC Security Specialist to join our Security Department.
This is a hands-on, execution-focused role within our GRC Security & Trust Group.
You'll own real workstreams, including compliance programs, vendor risk management, security governance, and security awareness.
You’ll be part of a small, focused team that moves fast and builds things that scale.
You'll collaborate closely with Security domains, R&D, Infra, IT, Legal, Privacy, and Procurement to make sure our security controls and compliance processes are practical, effective, and aligned with how the business actually works.
Key Responsibilities
- Vendor risk management: Own the end-to-end vendor security assessment process
workforce. This includes conducting a kick-off meeting with the business stakeholder to
understand the use case and data exposure, assigning a risk rating, sending and
managing security questionnaires, evaluating vendor responses using AI-powered
security tools, reviewing security exhibits and contractual requirements, consolidating
findings, and driving each review to a clear decision.
- Compliance and certifications: Manage external security audits end-to-end and ongoing
mapping, evidence collection, stakeholder coordination, and auditor reporting. Support
the SOX & internal audits compliance workstream through audit cycles and track
remediations to closure.
- Policies and Procedures: Drive the annual review and update of security policies based on
corrective actions.
- Governance: Own governance actions across assigned security domains - identifying
across the organization. Serve as the go-to person for employees on security and
compliance matters.
- Awareness and education: Lead security awareness and training activities, including
AI-powered security tools.
Your Experience & Skills
- 2+ years in GRC, information security, or compliance — preferably in a SaaS company
- Strong working knowledge of security and privacy frameworks: ISO 27001, SOC 2, GDPR,
- Proven ability to run TPRM independently: assess vendors, rate risk, and drive reviews to
- AI-native working style. Use AI tools to accelerate your work: drafting policies,
- Comfortable working across technical and non-technical stakeholders — translating
- Strong sense of ownership, responsibility, and problem-solving approach
- Ability to manage multiple active workstreams without losing detail
- Excellent written and verbal communication in Hebrew and English
parental leave.
במקום לעבור לבד על אלפי מודעות, Jobify מנתחת את קורות החיים שלך ומציגה לך רק משרות שבאמת מתאימות לך.
מעל 80,000 משרות • 4,000 חדשות ביום
חינם. בלי פרסומות. בלי אותיות קטנות.
null