GRC Specialist
Posted May 28 · 84 applicants
The role in plain words
The role involves supporting Kaltura's Governance, Risk, and Compliance (GRC) program. Day-to-day work will include leading audit preparation and ongoing compliance maintenance, performing security assessments of vendors and third parties, and responding to customer security questionnaires and audits.
- 1-2 years hands-on experience in GRC, information security, audit, or compliance
- Practical experience working with ISO 27001, SOC 2, GDPR, and/or NIST CSF, including audits and ongoing compliance activities
- Solid understanding of risk management, control design, and governance processes in a SaaS or cloud environment
- Experience performing vendor / third-party risk assessments and driving remediation
- Strong ability to work cross-functionally with technical and non-technical stakeholders
- Relevant certifications such as CISA, CISM, CRISC, or ISO 27001 Lead Auditor / Implementer
- Experience with privacy governance, DPIAs/PIAs, and collaboration with legal and privacy teams
- Familiarity with cloud and SaaS environments, particularly AWS
- Experience with GRC platforms or compliance automation tools
Extracted from the job description · updated automatically
Who it's for
The role suits candidates with 1-2 years of experience in GRC, information security, audit, or compliance, with a focus on execution and coordination. It is ideal for those with hands-on experience with ISO 27001, SOC 2, GDPR, and/or NIST CSF.
Full job description
Original posting · saved for reference
The role
We are looking for a GRC Specialist to support Kaltura’s Governance, Risk, and Compliance (GRC) program, reporting directly to the CISO.
This is a hands‑on, execution‑focused role responsible for maintaining and scaling our compliance posture, reducing audit friction, addressing vendor risk, and supporting the integration of newly acquired companies into Kaltura’s security and compliance frameworks.
You will work closely with Security Engineering, IT, Legal, Privacy, Sales/Revenue, Procurement, Product, HR, and other business stakeholders to ensure security controls, compliance activities, and risk management processes are practical, effective, and aligned with business needs.
The day‑to‑day
- Lead audit preparation and ongoing compliance maintenance for frameworks such as SOC 2 / SOC 3, ISO 27001, ISO 27701, ISO 22301, NIST, and GDPR, including evidence collection, gap tracking, and remediation coordination
- Own and execute vendor and third‑party security assessments, helping reduce backlog and improve risk visibility across suppliers and partners
- Respond to customer security questionnaires and audits, partnering with Sales and Security teams to support deal velocity and customer trust
- Support the integration of newly acquired companies into Kaltura’s security, risk, and compliance programs, including gap assessments and remediation planning
- Maintain and improve the ISMS, governance processes, policies, standards, and procedures
- Act as a central point of contact for internal security and compliance inquiries from business and technical teams
- Support the administration and continuous improvement of GRC and compliance tooling, including workflows, evidence management, and reporting
- Contribute to the Security Awareness Program and cross‑organizational education efforts
Ideally, we’re looking for
- 1-2 years hands‑on experience in GRC, information security, audit, or compliance, with a strong focus on execution and coordination
- Practical experience working with ISO 27001, SOC 2, GDPR, and/or NIST CSF, including audits and ongoing compliance activities
- Solid understanding of risk management, control design, and governance processes in a SaaS or cloud environment
- Experience performing vendor / third‑party risk assessments and driving remediation
- Strong ability to work cross‑functionally with technical and non‑technical stakeholders
- Clear, concise written and verbal communication skills in English, including customer‑facing documentation
- Strong organizational skills and attention to detail, with the ability to manage multiple parallel workstreams
These would also be nice
- Relevant certifications such as CISA, CISM, CRISC, or ISO 27001 Lead Auditor / Implementer
- Experience with privacy governance, DPIAs/PIAs, and collaboration with legal and privacy teams
- Familiarity with cloud and SaaS environments, particularly AWS
- Experience with GRC platforms or compliance automation tools
The perks:
- Hybrid, flexible work environment
- Extended private health (including mental) insurance
- Personal and professional development programs
- Occasional cross-company long weekends
Questions about the job
- The posting did not state a salary. We show a salary only when the employer publishes it.
- Hybrid
- 1-2 years hands-on experience in GRC, information security, audit, or compliance, Practical experience working with ISO 27001, SOC 2, GDPR, and/or NIST CSF, including audits and ongoing compliance activities, Solid understanding of risk management, control design, and governance processes in a SaaS or cloud environment, Experience performing vendor / third-party risk assessments and driving remediation, Strong ability to work cross-functionally with technical and non-technical stakeholders