Maintain internal and external trust platforms, supporting ongoing customer due diligence activities including audits, questionnaires, and reviewing security contractual requirements.
Provide training and guidance to sales teams on compliance-related matters and develop tools and resources to enable the sales team to efficiently respond to compliance inquiries from prospective and existing customers.
Collaborate with cross-functional teams to support and enhance the overall GRC program.
Ensure company policies, procedures, and controls are aligned with regulatory requirements and industry standards.
Proactively gather customer feedback and stay abreast of industry trends to adapt and mature the GRC program accordingly.
Implement improvements and updates to the program based on regulatory changes and customer requirements.
Participate in risk assessment and risk management processes.
To be a GRC specialist at JFrog you need...
Minimum 3 years as a cyber security / GRC specialist, expert or consultant
Strong knowledge and hands-on experience with ISO 27001 and SOC 2 Type II
Familiarity with additional security frameworks as well as privacy regulations and standards (NIST, CSA, CAIQ, SIG, GDPR, CCPA, ISO 27701) is an advantage.
An excellent ability to communicate verbally and in writing
Ability to work on multiple projects simultaneously
Project management skills
Self-driven and fast learner with a can-do approach