GRC Specialist
Tel Aviv
Lendbuzz
Lendbuzz expands access to credit with a simple and fast auto loan process that looks at you – not just your credit score.
At Lendbuzz, we believe financial opportunity should be more personalized and fair. We develop innovative technologies that provide underserved and overlooked borrowers with better access to credit. From our employees to our dealers, partners, and borrowers, we’ve built a company and a culture around a resolute belief in the promise and power of diversity. We value independent and critical thinking.
We are seeking a dedicated Security GRC (Governance, Risk, and Compliance) Specialist to join our security team. The ideal candidate will play a critical role in managing our organization's security governance, risk management, BCP, and compliance efforts. This role involves implementing and maintaining security frameworks, managing security risks, ensuring compliance with relevant standards, and promoting security awareness across the organization.
We are seeking a dedicated Security GRC (Governance, Risk, and Compliance) Specialist to join our security team. The ideal candidate will play a critical role in managing our organization's security governance, risk management, BCP, and compliance efforts. This role involves implementing and maintaining security frameworks, managing security risks, ensuring compliance with relevant standards, and promoting security awareness across the organization.
Key Responsibilities:
- Develop and implement security policies, procedures, and standards in line with industry best practices
- Ensure security governance processes align with organizational goals and regulatory requirements
- Lead the development, implementation, and maintenance of the organization's Business Continuity Planning (BCP) to ensure operational resilience during disruptions, while coordinating with key stakeholders for risk assessments and recovery strategies
- Identify, assess, and manage security risks across the organization
- Develop and maintain a comprehensive risk management program, including risk registers and mitigation plans
- Manage the third-party security risk management program, including conducting vendor assessments and ongoing monitoring.
- Work with cross-functional teams to ensure that risks are effectively managed and mitigated
- Ensure the organization complies with relevant security standards and frameworks, such as SOC 2, ISO 27001, NIST, etc
- Lead efforts to achieve and maintain necessary security certifications
- Provide support during internal and external audits, including preparing necessary documentation and coordinating with auditors
- Address audit findings and implement corrective actions to improve security posture
- Design and implement security awareness programs to educate employees on security best practices
- Conduct regular training sessions and awareness campaigns to promote a security-conscious culture
Qualifications:
- 3+ years of experience in a GRC role, with a focus on security governance, risk management, and compliance
- Strong knowledge of security frameworks and standards such as SOC 2, ISO 27001, NIST, and others
- Experience with security audit processes and supporting external audits
- Experience in Business Continuity Planning (BCP) or Disaster Recovery (DR) strategies, including risk assessments, business impact analysis, and continuity plan development across diverse organizational functions
- Excellent communication skills, with the ability to effectively convey complex security concepts
- Relevant certifications (e.g., CISSP, CISM, CRISC, CISA) are highly desirable
- Strong analytical and problem-solving skills
- Ability to work independently and prioritize multiple tasks
- Attention to detail and a proactive approach to identifying and mitigating risks
- Excellent organizational skills and ability to manage complex projects
- Strong interpersonal skills and the ability to collaborate across teams
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Job stats:
2
0
0
Category:
Compliance Jobs
Tags: Audits CISA CISM CISSP Compliance CRISC Governance ISO 27001 Monitoring NIST Risk assessment Risk management SOC SOC 2
Perks/benefits: Competitive pay
Region:
Middle East
Country:
Israel
More jobs like this
Explore more career opportunities
Find even more open roles below ordered by popularity of job title or skills/products/technologies used.
Security Operations Engineer jobsPenetration Tester jobsSenior Cyber Security Engineer jobsSenior Cybersecurity Engineer jobsInformation Security Officer jobsInformation Systems Security Officer jobsPrincipal Security Engineer jobsCloud Security Architect jobsSenior Network Security Engineer jobsInformation System Security Officer jobsStaff Security Engineer jobsChief Information Security Officer jobsSenior Penetration Tester jobsSecurity Specialist jobsSecurity Consultant jobsIT Security Engineer jobsCyber Security Specialist jobsSenior Information Security Analyst jobsCyber Security Architect jobsSenior Product Security Engineer jobsSecurity Operations Analyst jobsThreat Intelligence Analyst jobsCybersecurity Consultant jobsInformation System Security Officer (ISSO) jobsSenior Information Security Engineer jobs
SaaS jobsSDLC jobsMalware jobsForensics jobsEncryption jobsRMF jobsGDPR jobsSQL jobsIDS jobsIPS jobsSplunk jobsTop Secret jobsDoDD 8570 jobsEDR jobsFinance jobsBash jobsTerraform jobsUNIX jobsITIL jobsOWASP jobsTCP/IP jobsIntrusion detection jobsGIAC jobsCRISC jobsDocker jobs
SANS jobsActive Directory jobsCompTIA jobsData Analytics jobsCCSP jobsThreat detection jobsBanking jobsOSCP jobsPolygraph jobsClearance Required jobsVPN jobsDNS jobsCyber defense jobsSOC 2 jobsJavaScript jobsIT infrastructure jobsAnsible jobsSOAR jobsGCIH jobsOracle jobsJira jobsSecurity strategy jobsCryptography jobsSOX jobsNIST 800-53 jobs