You will be reporting directly to our Compliance and Data Protection Officer and will work with our legal and tech teams (Security/IT/Product/R&D) to ensure all company’s operations and standards are always up to date with top industry standards.

• Ensure compliance with governmental and security regulations and standards, such as ISO27001, SOC2, GDPR, HIPAA, etc.
• Support the sales and Customer Success team in responding to customer requests regarding the security and privacy controls of Glassbox’s products and infrastructure
• Take ownership of the company's security and data privacy audit questionnaires to appropriately reflect the company's standards to its customers and partners
• Mature and oversee the vendor assessment and risk management process for suppliers and 3rd parties in collaboration with our IT and legal team
• Assist in maintaining the company’s policies and procedures
• Reviewing, analyzing, and summarizing legal documents under the instruction of the legal team
• Assist in building controls and procedures (including risk assessments) for new markets and new products with the company Compliance team
• Promote security and privacy awareness across all business functions

What You Will Need

• 1-3 years of Information Security, Risk Management, Privacy, or Audit experience in complex IT environments
• Hands-on experience in implementing and maintaining security standards and frameworks (ISO 27XXX, SOC 2, NIST, OWASP, etc.)
• Familiarity with relevant privacy regulations, such as GDPR, HIPAA, and CCPA, including experience in working to achieve compliance with their requirements
• Detail-oriented and strong organizational skills with the ability to handle several projects simultaneously
• Familiarity with cloud and SAAS technologies
• Excellent verbal and written communication skills (English and Hebrew)
• Highly organized and proven ability to work in a dynamic and fast-paced environment

• Working for one of the top global consultancy firms
• Technology oriented and technical capabilities and understanding of tech environments and systems
• Experience with security tools and technologies
• Legal background