עדיין מחפשים עבודה במנועי חיפוש? הגיע הזמן להשתדרג!
במקום לעבור לבד על אלפי מודעות, Jobify מנתחת את קורות החיים שלך ומציגה לך רק משרות שבאמת מתאימות לך.
מעל 80,000 משרות • 4,000 חדשות ביום
חינם. בלי פרסומות. בלי אותיות קטנות.
מלאה
22,000-30,000 ₪
we are looking for a Cyber Security Risk & Compliance Specialist .
As a key member of the CISOs office, you will play a vital role in ensuring organizational resilience through risk management, policy enforcement, and compliance with stringent financial regulations. This position focuses on providing high-level oversight of technological processes, supporting complex projects, and continuously enhancing the organization's defense posture.
Responsibilities:
GRC & Policy Leadership: Writing, implementing, and updating information security policies and procedures. Ensuring alignment with banking standards and regulatory requirements (e.g., Directive 364).
Risk Assessment (CRA): Performing comprehensive cyber risk assessments for new systems and technological initiatives.
Oversight & Monitoring: Analyzing SIEM/SOC findings and technical risks. Providing guidance to implementation teams to improve detection capabilities and log management.
External Audit Management: Defining the scope and managing third-party security audits. Analyzing findings and tracking remediation efforts.
Security Benchmarking: Conducting comparative analysis of security products and general software from an information security perspective.
Detection Strategy: Formulating recommendations for log optimization, defining new alerts, and evaluating the effectiveness of existing control tools.
Strategy & Awareness: Building the annual information security work plan, leading cyber simulations, and conducting organizational security awareness training.
As a key member of the CISOs office, you will play a vital role in ensuring organizational resilience through risk management, policy enforcement, and compliance with stringent financial regulations. This position focuses on providing high-level oversight of technological processes, supporting complex projects, and continuously enhancing the organization's defense posture.
Responsibilities:
GRC & Policy Leadership: Writing, implementing, and updating information security policies and procedures. Ensuring alignment with banking standards and regulatory requirements (e.g., Directive 364).
Risk Assessment (CRA): Performing comprehensive cyber risk assessments for new systems and technological initiatives.
Oversight & Monitoring: Analyzing SIEM/SOC findings and technical risks. Providing guidance to implementation teams to improve detection capabilities and log management.
External Audit Management: Defining the scope and managing third-party security audits. Analyzing findings and tracking remediation efforts.
Security Benchmarking: Conducting comparative analysis of security products and general software from an information security perspective.
Detection Strategy: Formulating recommendations for log optimization, defining new alerts, and evaluating the effectiveness of existing control tools.
Strategy & Awareness: Building the annual information security work plan, leading cyber simulations, and conducting organizational security awareness training.
Requirements:
Professional Experience: 5+ years of experience in GRC, information systems auditing, or cyber risk management.
Risk Management Expertise: At least 4 years of hands-on experience in risk assessments or IT auditing.
Financial/Regulatory Background (Mandatory): Proven experience working in a regulated financial/banking environment under strict supervision (e.g., Proper Conduct of Banking Business).
Technical Understanding (Oversight Level): Ability to review security configurations, read logs, and understand network architectures (hands-on configuration is not required).
Exceptional Communication: High-level writing and drafting skills for complex procedures, official policies, and executive reports.
AI Proficiency: Practical experience using AI tools (e.g., ChatGPT, Claude, Copilot) to optimize workflows, technical writing, or data analysis.
Cloud Security: Familiarity with cloud security methodologies (Shared Responsibility Model) and SaaS/IaaS risk factors - an advantage
AI Security: Initial familiarity with GenAI risks and mitigation (e.g., OWASP Top 10 for LLMs) - an advantage
Benchmarking: Experience in performing Proof of Concept (POC) and comparative analysis of security products - an advantage
Certifications: CISM, CISA, or CISSP - Significant Advantage.
Professional Experience: 5+ years of experience in GRC, information systems auditing, or cyber risk management.
Risk Management Expertise: At least 4 years of hands-on experience in risk assessments or IT auditing.
Financial/Regulatory Background (Mandatory): Proven experience working in a regulated financial/banking environment under strict supervision (e.g., Proper Conduct of Banking Business).
Technical Understanding (Oversight Level): Ability to review security configurations, read logs, and understand network architectures (hands-on configuration is not required).
Exceptional Communication: High-level writing and drafting skills for complex procedures, official policies, and executive reports.
AI Proficiency: Practical experience using AI tools (e.g., ChatGPT, Claude, Copilot) to optimize workflows, technical writing, or data analysis.
Cloud Security: Familiarity with cloud security methodologies (Shared Responsibility Model) and SaaS/IaaS risk factors - an advantage
AI Security: Initial familiarity with GenAI risks and mitigation (e.g., OWASP Top 10 for LLMs) - an advantage
Benchmarking: Experience in performing Proof of Concept (POC) and comparative analysis of security products - an advantage
Certifications: CISM, CISA, or CISSP - Significant Advantage.
This position is open to all candidates.
במקום לעבור לבד על אלפי מודעות, Jobify מנתחת את קורות החיים שלך ומציגה לך רק משרות שבאמת מתאימות לך.
מעל 80,000 משרות • 4,000 חדשות ביום
חינם. בלי פרסומות. בלי אותיות קטנות.
אונליין
5 חודשים
תל אביב - יפו
