consulting and incident response support for organizations worldwide. Sygnia
works with companies to proactively build their cyber resilience and to
respond to and defeat attacks within their networks. We are the trusted advisor
and cyber security service provider of IT and security teams, senior
management, and boards of top organizations worldwide, including Fortune 100
companies.
Sygnia draws on top talent from the ranks of elite military technology units
and from across the cyber industry. Described by Forbes as a “cyber security
delta force”, Sygnia applies technological supremacy, digital combat
experience, data analytics and a business-driven mindset to cyber security,
enabling organizations to excel in the age of cyber.
Sygnia is looking for a Cyber Security and Privacy GRC Lead to perform a range
of expert level services. The successful candidate should have experience both
as a security practitioner and consultant, profound security and privacy
GRC-related knowledge, and a passion for cyber security. In addition, they should
have a service approach, excellent communication skills and the ability to
learn and work with the best in the field.
Main Responsibilities:
* Evaluate the state of security and privacy from the GRC perspective, identifying gaps and opportunities and anticipating needs.
* Consult in cyber security engagements, including developing a cyber security plan, designing its implementation, and providing guidance on building security roadmaps.
* Recommend cyber security and privacy governance strategies, policies, and procedures.
* Develop and support clients with internal training to ensure deep understanding of fundamental cyber security and privacy governance practices, risks, and recommended mitigation strategies.
* Create expert-level deliverables, present the results of the assessment to a broad range of clients, and design plans to address specific cyber risks.
* Collaborate with the cyber experts’ team in the development and implementation of cyber assessment tools, services, and best practices.
* Consult on data privacy/protection GRC aspects as part of Sygnia’s Incident Response engagements, and collaborate with IT and Security teams during investigations.
Main Requirements:
* Proven track record of at least 5 years in cyber security, data protection and privacy governance.
* Deep knowledge of relevant IT, security and privacy regulation, industry standards, and frameworks (e.g., NIST, PCI, ISO, SOC, ITIL, COBIT, CMMI, etc.) and GRC tools (e.g., ServiceNow, Archer, OneTrust).
* Extensive expertise in risk management, business impact analysis, and strategic planning.
* Practical experience in consulting and in communicating with C-levels, especially CIO, CISO, DPO and CRO.
* Experience in working in large enterprises worldwide.
* Sharp analytical skills and a pragmatic mindset.
* Exceptional written and verbal communication and presentation skills in English. Native English speaker – an advantage.
* Sharp analytical capabilities, with a high proficiency in strategic and abstract thinking, as well as attention to technical details.
* Ability to work in a dynamic matrix organizational structure, with people across all levels in the company.
* A positive, can-do attitude, and an ability to learn quickly and adapt to changing environments.
* Ability to work in parallel on multiple projects under tight deadlines.
* Academic degree in a relevant discipline – a must. Law degree – an advantage.
* Information security and privacy certificates from industry leading organizations (e.g., CISSP, CISM, CISA, CPDSE, CIPP, HCISPP) – an advantage.
* The position may require travel abroad (about 1-2 weeks per quarter).