GRC Specialist

The Global Infosec Department is responsible for the Confidentiality, Integrity and Availability of the company's information, systems, and processes.

It's in charge of establishing controls, building trust and relationships with other departments in the company and making sure that acceptable risk levels are met. 

The Global Infosec Department is working in a huge scale, cloud based environment and supporting the company in delivering the best game experience for millions of gamers worldwide.   

• Lead the company ISO27001 program: Gather needed evidence, Assess risks with stakeholders and maintain the company’s ISMS according to the standard specifications.

• In charge of 3rd party risk management program: Conducting initial vendor risk assessment, reviewing contracts, analyzing Infosec requirements gaps and managing vendor risk management SaaS system.

• Lead cross organization risk management program: Technologies, processes and people and track their mitigation status until reaching acceptable level.

• Write, publish and track compliance with the company global Infosec policies and procedures.

• Lead the company Infosec awareness program: Manage awareness phishing campaigns system, track awareness program usage among new and existing employees, enhance the employee’s Infosec awareness by developing top notch creative activities

• Lead the company PT and assessment program: Handle 3rd party Pen Testers, analyze reports, prepare mitigation plan and track closure of validates risks.

• Respond on behalf of the company to external infosec audits, data protection assessments, Privacy requirements and any other related activity.

• At least 3 years of experience in a similar role in a software/gaming/technology company.

• Experience leading GRC initiatives and making a significant impact on a similar company.

• Extended knowledge in all cyber security domains.

• knowledge in network, infrastructure and cloud environments (SaaS, AWS/GCP, Cloud security tools).

• Great team-player and demonstrated personal skill-set.

• Self-motivated, Independency and prioritization capabilities.

• Great understanding of the business needs, the global Infosec risks and how to close the gap between them.

• Cyber security certifications: CISSP, CISM, CISA, CCSK, etc

Your wellbeing: Flexible, hybrid work experience with talented professionals. Also, high work life balance derived from our people - oriented approach

Your health: top notch health insurance to employees and immediate family. Furthermore, gym membership or a variety or workout options.

Your future: personal and professional tools to assist with your development and journey.

Your contribution: A variety of social and charitable initiatives, that we take pride in.

And if that wasn't enough a fully and over the top stocked kitchen that will make any supermarket envious……