Senior Security & Privacy Consultant – GRC & CISO Advisory
We are
We are a cloud and security services company composed of technical experts with extensive hands-on experience. We act as trusted advisors to our clients, offering independent, objective and custom-tailored consultation. Our team is dedicated to helping customers through every stage of their cloud and cybersecurity journey, from strategic planning and design to implementation and ongoing operations.
About the position
As a Senior Security, Privacy & GRC Consultant, you support organizations in strengthening their security and privacy posture and maturing their governance, risk, and compliance capabilities. You act as a trusted advisor to senior stakeholders and contribute to CISO-level initiatives, helping clients design and improve practical security programs aligned with business needs and regulatory requirements.
The role combines strong GRC expertise with a solid understanding of enterprise IT security and security operations, enabling you to provide pragmatic, risk-based guidance that bridges governance and technical implementation. You will also support privacy governance initiatives, including Data Protection Officer (DPO) engagements.
Responsibilities
- Act as a security advisor to client leadership, supporting CISO-level initiatives and the development of security strategies, roadmaps, and risk management programs aligned with business objectives.
- Support clients in strengthening their overall security posture across enterprise IT environments, including infrastructure security, identity and access management, and security operations.
- Lead security risk assessments and gap analyses, and help prioritize remediation activities based on risk and business impact.
- Conduct security architecture and design reviews, assessing system architectures, data flows, identity models, and trust boundaries from a security perspective.
- Identify architectural and operational security risks and provide practical, risk-based recommendations for mitigation.
- Lead and support governance, risk, and compliance initiatives, including ISO 27001 and SOC 2 readiness, implementation, and ongoing maintenance.
- Develop and maintain security policies, standards, and governance processes, and support audit preparation and compliance activities.
- Support privacy and data protection initiatives, including assisting with the Data Privacy Officer function and helping organizations align with applicable privacy regulations.
- Communicate security risks and recommendations clearly to both technical and non-technical stakeholders, including senior leadership.
- Lead security consulting engagements, managing timelines, deliverables, and coordination with client teams and internal specialists to ensure effective implementation of recommendations.
Qualifications
- 5+ years of experience in cybersecurity, with responsibilities across governance, risk management, and security architecture.
- Strong understanding of GRC practices, including governance frameworks, risk assessments, and control design.
- Active Top Secret civilian clearance — an advantage.
- Experience supporting or contributing to CISO-level initiatives such as security strategy, program development, and risk prioritization.
- Hands-on experience with security standards and frameworks such as ISO 27001 and/or SOC 2.
- Solid understanding of enterprise IT security, including infrastructure security, identity and access management, and security operations concepts.
- Ability to review system architectures, data flows, and identity models to identify and assess security risks.
- Experience communicating security risks and recommendations to both technical teams and executive stakeholders.
- Familiarity with privacy and data protection requirements under Israeli law.
- DPO experience or formal privacy training — an advantage.
- Strong analytical skills and the ability to balance security risk, compliance, and business needs.