Company hidden
4 days ago

GRC Security Specialist (SaaS)

Work format
remote
Employment type
project
Grade
middle
English
c1
Country
Israel
Vacancy from Hirify Global, a list of international tech companies

Job description

TL;DR

GRC Security Specialist (SaaS): Managing compliance programs, vendor risk, and security governance to ensure practical and effective controls within a fast-scaling environment. Focus on executing end-to-end vendor security assessments, managing ISO 27001 and SOC 2 audits, and integrating AI tools into GRC workflows.

Location: Tel-Aviv, Israel

Company

A leading work management platform enabling teams to customize their workflow and improve productivity.

What you will do

  • Own the end-to-end vendor security assessment process across all risk tiers, utilizing AI-powered tools to evaluate responses.
  • Manage external security audits and maintain compliance for frameworks such as ISO 27001 and SOC 2.
  • Drive annual reviews and updates of security policies based on audit findings and regulatory changes.
  • Lead security governance actions, identifying risks and aligning controls across assigned security domains.
  • Coordinate security awareness and training activities, including phishing simulations and company-wide events.

Requirements

  • 2+ years of experience in GRC, information security, or compliance, preferably within a SaaS company.
  • Strong working knowledge of ISO 27001, SOC 2, GDPR, HIPAA, and NIST frameworks.
  • Proven ability to independently run Third-Party Risk Management (TPRM) processes.
  • AI-native working style with the ability to use AI tools to accelerate policy drafting and audit evidence structuring.
  • Excellent written and verbal communication in Hebrew and English.
  • Must be based in Tel-Aviv, Israel.

Culture & Benefits

  • Work within a small, focused team that moves fast and builds scalable solutions.
  • Close collaboration with cross-functional domains including R&D, Infra, IT, Legal, and Privacy.
  • Hands-on, execution-focused role with ownership over real workstreams.

Be careful: if an employer asks you to log in to their system using iCloud/Google, to send a code or password, or to run code or software, do not do it; these are scammers. Be sure to report the vacancy or write to support.