We are seeking a skilled and experienced Cyber Security Lead to spearhead the organization's cybersecurity strategy, ensuring the confidentiality, integrity, and availability of our systems and data.
The ideal candidate will have a strong technical background in cybersecurity, experience with a variety of security tools, and a solid understanding of Governance, Risk, and Compliance (GRC) frameworks.
Knowledge of risk management frameworks and leading industry standards such as ISO 27001, NIST, privacy frameworks, SOC and local regulations.
The GRC Information Security Lead identifies and assesses potential information security risks, recommends mitigations, and helps the risk owners implement mitigations to reduce the risk to an acceptable level.
Lead the organization-wide compliance program, ensuring activities, processes, and procedures meet defined requirements, policies, and regulations.
Collect and review client security documentation (e.g., policies, penetration tests) and conduct vendor assessments for various risk levels, including software, service providers, and external workforce.
Align with suppliers and internal teams like IT and application teams to ensure compliance with organizational security requirements.
Excellent communication and interpersonal skills, with the ability to collaborate effectively across different levels of the organization.
Client-facing security effort: answer security questionnaires and review legal contracts from a security perspective.
Perform security audits on vendors and contractors.
Responsible for employee security awareness training, conducting company-facing training sessions and enrichment activities, and performing dedicated sessions for specific departments and security drills.
Stay up-to-date with industry best practices and regulatory changes to ensure the organization's GRC practices remain current and effective.
Self-motivated, able to work independently, prioritize tasks, adapt to a fast-paced and dynamic environment, manage multiple priorities effectively, and have a commitment to project success.
Requirements:
Qualifications:
3+ years of experience in GRC, Audit, Information Security, or similar roles
Experience implementing industry standards and frameworks such as ISO 27001, NIST Cybersecurity Framework, GDPR, and other relevant regulations.
Technical orientation, with the ability to collaborate effectively across diverse teams
Relevant certifications such as CISM, CISSP, CISO, or CIPM are an advantage.
Excellent verbal and written communication skills in English and Hebrew to interact with
Demonstrated ability to handle multiple tasks and prioritize effectively.
This position is open to all candidates.