GRC Security Specialist

Sofia

Yotpo

Yotpo’s eCommerce retention marketing platform drives repeat shopper sales with connected solutions for reviews, SMS, email, loyalty, and subscriptions.


If you're into online shopping (who isn't these days?), chances are you've crossed paths with Yotpo. We're all about eCommerce retention—helping brands of every size turn one-time shoppers into lifelong customers. 

Think loyalty programs, SMS and email marketing, and reviews—it's what we do best. Plus, we've got more tricks up our sleeve.

With teams spread across the globe—from the US and Canada to the UK, Israel, Bulgaria, and Australia—we're growing fast. Our main mission? Delivering cutting-edge technology that sets new standards in the industry.

Sounds exciting? Then read on, because we’re looking for curious, talented professionals to be a part of building the future of the e-commerce industry.

We are looking for a highly professional multitasker and proven team player to join our security team as a GRC Specialist and participate in all aspects of compliance, risk management, security evaluations and processes in the security field. In this role, you will be part of the Security team and have the opportunity to impact our organization immediately.

What you’ll do:

  • Develop, implement, and maintain governance, risk management, and compliance frameworks and policies aligned with industry best practices.
  • Monitor compliance with information security and privacy policies at a technology company.
  • Complete vendor security assessments and reviews
  • Review security clauses in customer and vendor contracts
  • Lead the design of the information security training course and the development of the program
  • Conduct regular risk assessments to identify, evaluate, and prioritize risks across the organization, ensuring timely mitigation actions are implemented
  • Manage the organization's technological risk assessments
  • Manage the process of penetration testing and technical risk assessments end to end, through to closure
  • Support the business with customer engagements, including attending customer calls and supporting our sales teams
  • Identify, assess, and prioritize technical BA/IT and Engineering risks

What to bring:

  • Minimum of 3 years of experience in a similar role in a technology/software/cloud organization or a consultancy firm
  • Strong understanding of key compliance frameworks (e.g., SOC 2, ISO 27001)
  • Familiarity with cyber security tools and products
  • Degree in Business Administration, Information Technology, Risk Management, or a related field

Nice to have:

  • Experience with cloud security compliance (e.g., AWS, Azure, Google Cloud).
  • Experience with data privacy regulations (e.g., GDPR, CCPA).

What we offer:

  • Track to success – work in a dynamic organization with an ambient and laid-back office atmosphere
  • Individualized career development, rewards, and recognition.
  • Work-life balance – 25 days paid vacation with add-ons for loyalty, regular team buildings and celebrations in and outside the country
  • Additional health insurance package
  • Internal mobility program and refer-a-friend program
  • A fixed monthly budget for social benefits, managed through Re:Benefit, a flexible online benefits solution
  • Food vouchers
  • E-learning portals and knowledge sharing sessions.
  • Company-backed hackathons, tech conferences, workshops, events, etc.
  • Stocked kitchen and bar.
  • Equity in options.
  • Flexible hybrid capacity.

Why Choose Us? 

  • Build Your Career Growth: a dynamic organization offering personalized career growth and recognition.
  • Be a Passionate Crafter: dedicated to the art of crafting, with a high level of skill and creativity.
  • Be The Best Version of Yourself: combine individual voice and unique quirks to create

If you don’t meet 100% of the qualifications outlined above, that’s okay! We believe in hiring people, not just skills. If you have a passion to learn and are excited about eCommerce and technology, then we want to hear from you.

Help us be the best version of Yotpo by building something great together!

Category: Compliance Jobs

Tags: AWS Azure CCPA Cloud Compliance E-commerce Ecommerce GCP GDPR Governance ISO 27001 Pentesting Privacy Risk assessment Risk management Security assessment SOC SOC 2

Perks/benefits: Career development Conferences Equity / stock options Flex hours Flex vacation Health care Snacks / Drinks Startup environment Team events

Region: Europe
Country: Bulgaria
