GRC Security Specialist

Israel
Hybrid
Full-time

Cyber Security Governance protects the security of an organization’s information systems and data by setting policies, monitoring compliance, and following defined procedures to identify, assess, and manage risks from external and internal threats.

We are seeking a GRC Security Specialist to join our Cyber GRC Team in Payoneer. You will be joining a tight-knit and highly respected team of GRC experts who are central to Payoneer's security strategy. In this role, you will be at the heart of protecting our global financial platform, directly influencing the trust and safety of millions of users worldwide.

What you'll do:

• Directly responsible for policies, procedures, and controls to assure compliance with applicable regulatory, legal, and audit requirements as well as good business practices.
• Develop a Cyber security compliance strategy and approach and ensure compliance with contractual requirements and globally recognized standards and guidelines.
• Identify regulatory, legislative, and industry-specific compliance requirements and define controls that can be used to meet those requirements.
• Conduct and participate in periodic internal reviews or audits to ensure that compliance procedures are followed.
• Oversee and evaluate compliance systems to ensure they function effectively.
• Compile and present reports to management on compliance activities and progress.
• Stay updated on industry developments, regulatory trends, and best practices to evaluate their potential impact on the organization.
• Design and implement enhancements in compliance communication, monitoring, and enforcement mechanisms.
• Develop and execute a compliance awareness program, including the creation and distribution of materials for all employees.
• Partner with Legal and IT teams to manage data protection agreements and compliance initiatives.
• Lead the development and execution of company-wide security awareness and training initiatives.
• Assist in incident response planning and investigations when necessary.

Who you are:

• 4+ years of experience in GRC, information security, or compliance within SaaS, cloud, or enterprise IT environments.
• Strong understanding of regulatory frameworks and security standards such as SOC 2, PCI-DSS, NIST, and cloud security frameworks.
• Knowledge and experience in AI Governance, including AI risk management, ethical AI principles, and alignment with frameworks such as EU AI Act, NIST AI RMF, and ISO/IEC 42001.
• Strong knowledge of SDLC methodology.
• Strong knowledge of IT systems and security controls.
• Experience conducting security risk assessments and working with auditors or regulatory bodies.
• Strong project management skills with the ability to manage multiple compliance initiatives.
• Experience working with IT teams and business stakeholders to enhance security measures.
• Excellent communication and collaboration skills, with the ability to translate compliance requirements into actionable business processes.
• Ability to effectively interface with technical staff and senior management.
• Proficiency in English and Hebrew, both written and spoken, to effectively communicate with local and global teams and stakeholders.
• Strong interpersonal skills with the ability to engage effectively.
• Excellent teamwork and interpersonal communication abilities.

Advantage:

• Certifications such as CISM, CISA, CISSP.
• CISO certification from a recognized institution.
• Master’s degree in information security, Business Administration, or related field.
• Experience in the fintech or financial services industry.

#LI-AG2