Cyberark Information Security Risk & Compliance Expert 
Israel 
669906472

Job Description

You’ll play a central role in ensuring ongoing organizational alignment with world-class frameworks while working closely with cross-functional teams to drive a culture of trust, risk awareness, and regulatory readiness.
We are especially looking for someone with, including managing assessments, evidence collection, and cross-functional collaboration.
Key Responsibilities

  • Ensure the company’s continuous compliance with leading international standards and regulatory frameworks (e.g., ISO 27001, SOC 2, PCI-DSS).
  • Serve as a subject matter expert on PCI-DSS, including supporting annual assessments, gap analyses, and remediation planning.
  • Maintain, update, and improve internal GRC policies, controls, and documentation in line with global best practices.
  • Monitor changes in the regulatory and industry landscape and assess their applicability to CyberArk’s operations.
  • Lead internal control mapping, gap assessments, and remediation tracking.
  • Coordinate audit readiness efforts and maintain supporting evidence for external assurance engagements.
  • Support risk management activities such as risk assessments, risk registers, mitigation tracking, and escalation workflows.
  • Collaborate with teams across Security, IT, Legal, Engineering, and Operations to align compliance and business needs.
  • Drive internal awareness and training initiatives on key compliance requirements and GRC processes.
  • Contribute to the maturity and automation of the GRC program using dedicated platforms/tools.

Qualifications

  • 3+ years of hands-on experience in GRC, Information Security, or Compliance roles.
  • Deep familiarity with global standards and regulatory frameworks: ISO 27001, SOC 2, and strong practical experience with PCI-DSS.
  • Proven experience supporting PCI-DSS compliance across multiple domains (network security, access control, data protection, etc.).
  • Experience managing internal compliance programs in tech-driven or cloud-native environments.
  • Excellent written and verbal communication skills in English – ability to document, analyze, and present compliance-related content clearly.
  • Highly organized, detail-oriented, and self-motivated with strong analytical thinking.
  • Proven ability to work collaboratively across teams in a dynamic environment.
  • A positive, proactive, and solution-oriented mindset (can-do approach).
  • Experience with GRC platforms is a plus.
  • Relevant certifications (e.g. CISA, CISM, CISSP, ISO 27001 Lead Auditor, PCIP) – an advantage.