Cybersecurity Architect (GRC & Risk)

TL;DR

Cybersecurity Architect (GRC & Risk): Leading security governance, risk, and control assessments for enterprise clients with an accent on third-party due diligence and maturity framework alignment. Focus on translating complex technical findings into actionable remediation plans and executive-ready security strategies.

Location: Herzliya, Israel (Hybrid)

Company

hirify.global provides a SaaS platform and expert services that enable security leaders to execute optimized security programs with significant business impact.

What you will do

• Lead customer third-party security due diligence assessments.
• Facilitate mitigation workshops to prioritize remediation workplans based on assessment findings.
• Perform security maturity assessments aligned with the NIST CSF 2.0 framework.
• Develop and refine security methodologies, processes, and architectural guidance.
• Analyze technical findings to identify governance, risk, and control gaps.
• Produce structured reports and summaries for both technical and non-technical stakeholders.

Requirements

• 3-4 years of experience in cybersecurity GRC, IT risk, compliance, or audit roles.
• Strong understanding of governance, risk management, and operational security processes.
• Familiarity with frameworks such as NIST CSF and ISO 27001.
• Conceptual understanding of cloud and SaaS shared responsibility models.
• Ability to communicate technical issues in business-aligned language.
• Strong writing, communication, and facilitation skills.

Nice to have

• Hands-on experience with security controls implementation.

Culture & Benefits

• Opportunity to work with global enterprise clients across multiple industries.
• Collaboration with CISOs and security leaders.
• Exposure to advanced security frameworks and methodologies.
• Professional environment focused on high-impact security programs.