Sygnia is a top-tier cyber technology and service company, providingconsulting and incident response support for organizations worldwide. Sygniaworks with companies to proactively build their cyber resilience and to respondand defeat attacks within their networks. We are the trusted advisor and cybersecurity service provider of IT and security teams, senior managements, andboards of top organizations worldwide, including Fortune 100 companies.
Sygnia draws on top talent from the ranks of elite military technologyunits and from across the cyber industry. Described by Forbes as a “cybersecurity delta force”, Sygnia applies technological supremacy, digital combatexperience, data analytics and a business-driven mindset to cyber security,enabling organizations to excel in the age of cyber.
Sygnia is looking for a GRCLead to perform a range of expert level services. Thesuccessful candidate should have experience both as a security practitioner andconsultant, profound security and privacy GRC related knowledge and passion forcyber security. In addition, they should have a service approach, excellentcommunication skills and the ability to learn and work with the best in the field.
- Evaluate the state of security andprivacy from the GRC perspective, identifying gaps and opportunities andanticipating needs
- Consult in cyber security engagements,including development of a cyber security plan, design its implementation, andprovide guidance on building security roadmaps
- Recommend cyber security and privacygovernance strategies, policies, and procedures
- Develop and support clients withinternal training to ensure deep understanding of fundamental cyber securityand privacy governance practices, risks, and recommended mitigation strategies
- Create expert-level deliverables, andpresent results of the assessment to a broad range of clients and design plansto address specific cyber risks
- Collaborate with the cyber experts’team in the development and implementation of cyber assessment tools, services,and best practices
- Consult on data privacy/protection GRCaspects as part of Sygnia’s Incident Response engagements; and collaborate withIT and Security teams during investigations
- Proven track record of at least 5years in cyber security, data protection and privacy governance
- Deep knowledge of relevant IT,security and privacy regulation, industry standards, and frameworks (e.g.,NIST, PCI, ISO, SOC, ITIL, COBIT, CMMI, etc.) and GRC tools (e.g., ServiceNow,Archer, OneTrust)
- Extensive expertise in riskmanagement, business impact analysis, and strategic planning
- Practical experience in consulting andin communicating with C-levels, especially CIO, CISO, DPO and CRO
- Experience in working in largeenterprises worldwide
- Sharp analytical skills and apragmatic mindset
- Sharp analytical capabilities, with ahigh proficiency in strategic and abstract thinking, as well as attention totechnical details
- A positive, can-do attitude, and anability to learn quickly and adapt to changing environments
- Ability to work in a dynamic matrix organizationalstructure, with people across all levels in the company
- The position may require travel abroad(about 1-2 weeks per quarter)
- Exceptional written and verbalcommunication and presentation skills in English. Native English speaker - anadvantage
- Academic degree in a relevantdiscipline - a must. Law degree – an advantage.
- Information security and privacycertificates from industry leading organizations (e.g., CISSP, CISM, CISA,CPDSE, CIPP, HCISPP) - an advantage.