Hybrid.
Full-time.
What youll do:
Developing and maintaining policies, procedures, and controls to ensure compliance with regulatory, legal, and audit requirements, as well as best business practices.
Creating a cybersecurity compliance strategy and ensuring alignment with contractual obligations and globally recognized standards and guidelines.
Identifying regulatory, legislative, and industry-specific compliance requirements and defining controls to meet them.
Conducting and participating in periodic internal reviews or audits to ensure compliance procedures are followed.
Overseeing and evaluating compliance systems to ensure their effectiveness.
Compiling and presenting reports to management on compliance activities and progress.
Staying up to date on industry developments, regulatory trends, and best practices to assess their impact on the organization.
Designing and implementing improvements in compliance communication, monitoring, and enforcement mechanisms.
Developing and executing a compliance awareness program, including the creation and distribution of materials for all employees.
Partnering with Legal and IT teams to manage data protection agreements and compliance initiatives.
Leading the development and execution of company-wide security awareness and training initiatives.
Assisting in incident response planning and investigations when necessary.
Who you are:
3+ years of experience in GRC, information security, or compliance within SaaS, cloud, or enterprise IT environments.
Strong understanding of regulatory frameworks and security standards such as SOC 2, PCI-DSS, and NIST.
Solid knowledge of SDLC methodology.
Strong understanding of IT systems and security controls.
Experience conducting security risk assessments and working with auditors or regulatory bodies.
Excellent project management skills with the ability to manage multiple compliance initiatives.
Experience collaborating with IT teams and business stakeholders to enhance security measures.
Strong communication and collaboration skills, with the ability to translate compliance requirements into actionable business processes.
Ability to effectively interface with technical staff and senior management.
Proficiency in English and Hebrew, both written and spoken, to communicate effectively with local and global teams.
Strong interpersonal skills with the ability to engage effectively with stakeholders.
Excellent teamwork and interpersonal communication abilities.
Advantages:
Certifications such as CISM, CISA, CISSP.
CISO certification from a recognized institution.
Masters degree in information security, Business Administration, or a related field.
Experience in the fintech or financial services industry.
