GRC Specialist (Cybersecurity)

TL;DR

GRC Specialist (Cybersecurity): Supporting the Governance, Risk, and Compliance program to maintain security posture and reduce audit friction with an accent on compliance frameworks and vendor risk management. Focus on executing audits for SOC 2, ISO 27001, and GDPR, and integrating acquired companies into the security framework.

Location: Hybrid. Offices in New York, London, Singapore, and Tel Aviv.

Company

Global leader in the video market providing a cloud-based video experience platform for organizations.

What you will do

• Lead audit preparation and ongoing maintenance for SOC 2/3, ISO 27001, ISO 27701, ISO 22301, NIST, and GDPR.
• Execute vendor and third-party security assessments to improve risk visibility across suppliers.
• Respond to customer security questionnaires and audits to support deal velocity and trust.
• Support the security and compliance integration of newly acquired companies.
• Maintain and improve the ISMS, governance processes, policies, and standards.
• Manage GRC tooling and contribute to the Security Awareness Program.

Requirements

• 1-2 years of hands-on experience in GRC, information security, audit, or compliance.
• Practical experience working with ISO 27001, SOC 2, GDPR, and/or NIST CSF.
• Understanding of risk management and control design in SaaS or cloud environments.
• Experience performing vendor risk assessments and driving remediation.
• Clear, concise written and verbal communication skills in English required.

Nice to have

• Certifications such as CISA, CISM, CRISC, or ISO 27001 Lead Auditor/Implementer.
• Experience with privacy governance and DPIAs/PIAs.
• Familiarity with AWS and SaaS cloud environments.
• Experience with GRC platforms or compliance automation tools.

Culture & Benefits

• Hybrid and flexible work environment.
• Extended private health insurance, including mental health coverage.
• Personal and professional development programs.
• Occasional company-wide long weekends.