Were looking for an experienced GRC Manager to join our team in Israel. Were seeking someone with solid, hands-on experience who can take ownership and lead both technically and operationally.
You will lead the certification and accreditation processes for our company, managing all current compliance frameworks and certifications. This includes both preparation activities and direct engagement with external auditors, from readiness and gap analysis through to achieving final reports or certificates.
Roles and Responsibilities:
Lead internal and external audit and certification cycles, ensuring readiness and successful completion of assessments.
Maintain and continuously improve our companys internal control framework, ensuring that security and compliance controls are effective, documented, and aligned across ISO 27001, SOC 2, and privacy requirements.
Develop, maintain, and enhance security and compliance documentation, including policies, procedures, and evidence repositories.
Manage the ongoing risk management process by maintaining a centralized risk register and ensuring alignment between business objectives, regulatory obligations, and security controls.
Conduct internal audits and risk assessments to evaluate the effectiveness of technical and organizational controls.
Manage the cybersecurity onboarding and ongoing risk assessments of third-party vendors, while cooperating with Legal to ensure alignment with privacy compliance requirements.
Manage relationships with external auditors and consultants, ensuring timely completion of certification milestones.
Partner with cross-functional teams to strengthen the companys overall GRC posture and support continuous improvement initiatives.
You will lead the certification and accreditation processes for our company, managing all current compliance frameworks and certifications. This includes both preparation activities and direct engagement with external auditors, from readiness and gap analysis through to achieving final reports or certificates.
Roles and Responsibilities:
Lead internal and external audit and certification cycles, ensuring readiness and successful completion of assessments.
Maintain and continuously improve our companys internal control framework, ensuring that security and compliance controls are effective, documented, and aligned across ISO 27001, SOC 2, and privacy requirements.
Develop, maintain, and enhance security and compliance documentation, including policies, procedures, and evidence repositories.
Manage the ongoing risk management process by maintaining a centralized risk register and ensuring alignment between business objectives, regulatory obligations, and security controls.
Conduct internal audits and risk assessments to evaluate the effectiveness of technical and organizational controls.
Manage the cybersecurity onboarding and ongoing risk assessments of third-party vendors, while cooperating with Legal to ensure alignment with privacy compliance requirements.
Manage relationships with external auditors and consultants, ensuring timely completion of certification milestones.
Partner with cross-functional teams to strengthen the companys overall GRC posture and support continuous improvement initiatives.
Requirements:
3-5 Years of proven experience in GRC, information security compliance, or audit management roles.
Experience with audit and certification processes of information security frameworks (e.g., ISO 27001, SOC 2).
Ability to manage cross-functional projects and collaborate effectively with internal stakeholders and external auditors, and consultants.
Excellent communication skills and attention to detail.
Fluent in English (written and spoken).
Preferred Skills:
Experience with risk assessments and managing a risk register end-to-end.
Experience with third-party vendor risk management.
Experience in compliance frameworks of cloud infrastructure.
Knowledge of privacy regulations such as GDPR and CCPA.
Background in cybersecurity or IT risk management.
3-5 Years of proven experience in GRC, information security compliance, or audit management roles.
Experience with audit and certification processes of information security frameworks (e.g., ISO 27001, SOC 2).
Ability to manage cross-functional projects and collaborate effectively with internal stakeholders and external auditors, and consultants.
Excellent communication skills and attention to detail.
Fluent in English (written and spoken).
Preferred Skills:
Experience with risk assessments and managing a risk register end-to-end.
Experience with third-party vendor risk management.
Experience in compliance frameworks of cloud infrastructure.
Knowledge of privacy regulations such as GDPR and CCPA.
Background in cybersecurity or IT risk management.
This position is open to all candidates.
