We're looking for a GRC Specialist to join our Cyber Security Department and lead cybersecurity Governance, Risk, and Compliance efforts for a growing, disruptive fintech operating in a regulated environment.
This role is ideal for someone who thrives on detail and complexity, enjoys working deeply with regulations and frameworks, and can translate dense requirements into clear, actionable controls.
What you'll do
Own, implement, and continuously improve GRC frameworks, policies, and processes
Track and enforce execution of policies across, including documentation and evidence collection
Manage cybersecurity risk assessments and translate findings into business-relevant insights
Drive compliance with ISO 27001, PCI DSS, GDPR, DORA, EU AI Act, and any related European and Israeli privacy and banking regulations
Lead audits, third-party risk assessments, and customer/partner security due diligence
Manage and enhance the GRC platform and related workflows.
Requirements:
2+ years of experience in GRC, information security, risk, or compliance
Strong attention to detail and comfort working with long, technical regulatory texts
Ability to break down abstract requirements into practical, real-world security controls
Organized, methodical, and comfortable with structured, process-driven work
Experience with standards, regulatory frameworks, and audit processes, with the ability to learn and implement new ones
Proven project management and stakeholder coordination skills
Excellent written and verbal communication skills in Hebrew and English
Strong desire to learn and stay current with evolving regulations, security frameworks, and industry best practices
Nice to have
Relevant certifications (CISSP, CISM, CISA, CRISC, CISO, PMP, ISO Auditor)
Hands-on experience with ISO 27001, PCI DSS, and Israeli privacy regulations.
This position is open to all candidates.

















