
Head of GRC

Monday.com

About The Role

  • Leadership: Lead the team, develop and empower the team’s personnel (e.g. crafting a PDP - Personal Development Plan), alongside planning the team’s vision, budget, OKRs, annual work plan (consisting of both innovation and operations activities) and additional duties as needed.

  • Governance: review, update, and execute policies, procedures, and ceremonies to ensure alignment with global regulations, compliance programs and customer requirements.

  • Risk management: manage the company's comprehensive security risks, including incident response procedures and activities, resilience status, risk assessments and remediation plans, considering global threats as well as internal business changes and demands.

  • Compliance: manage monday.com’s compliance domain, ensuring compliance with current certifications (e.g. ISO, SOC), while extending the compliance suite based on business impact.

  • Third party risk management: responsible for the vendor assessment program, for both ongoing processes and new initiatives for improving efficiency.

  • Employee education: lead monday.com’s security awareness & training program for employees in general and for specific departments (e.g. customer facing, R&D).

  • Customer enablement: the main point of contact for customers regarding security inquiries, including managing top-tier customer calls, legal agreements and questionnaires. In parallel, create customer-facing materials to enhance customer understanding of monday.com's security posture.


Your Experience & Skills

  • Minimum of 5 years of experience in GRC roles, with at least 2 years in leading teams, preferably in SaaS companies of 500+ employees.

  • Strong understanding and practical experience of industry standards and frameworks such as ISO 27001, SOC2, NIST, GDPR, HIPAA.

  • Legal background - an advantage.

  • Advanced knowledge of risk assessment methodologies, controls implementation, incident response management, vendor assessment, awareness initiatives, and compliance monitoring.

  • Ability to assess security and privacy risks and communicate them effectively to technical and non-technical stakeholders of different seniority.

  • Proven track record of successfully leading and managing teams, including strong decision-making and problem-solving skills, and ability to foster a collaborative and inclusive work environment.

  • Excellent verbal and written communication skills in English and Hebrew, and ability to communicate complex concepts in a clear manner.

  • Strong analytical and critical thinking skills to identify risks, gaps, and areas of improvement in existing processes and create strategies for mitigating risks effectively.

  • Demonstrated ability to handle multiple tasks, prioritize effectively, and meet deadlines in a dynamic and fast-paced environment.
