GRC Expert

Matrix Eastern Europe, the offshore division of Matrix IT, one of the leading global R&D services companies with more than 10,000 professionals, is looking for a GRC Expert to join one of our client’s teams – Keter.

Keter is a major Israeli global manufacturer known for producing resin-based consumer goods such as outdoor furniture, sheds, tool storage, and home organization products. They are looking for a GRC expert for a dynamic and interesting position which includes training and increasing employee awareness of information security, implementation of cyber security policies, carrying our risk assessments, monitoring information security systems, creating processes for risk management, accompanying global processes, information security surveys, gap analysis, etc.

Responsibilities:

• Conduct organization-wide risk assessments, gap analyses, and information security surveys to identify and mitigate potential threats.

• Lead the implementation and maintenance of cybersecurity policies, procedures, and compliance frameworks (e.g., ISO 27001, Privacy Act).

• Develop and deliver employee training programs to raise information security awareness across the organization.

• Manage and assess third-party/supplier security through structured vendor risk surveys and compliance checks.

• Collaborate with global teams to support regulatory compliance efforts and drive alignment with GDPR, HIPAA, PCI-DSS, and other standards.

• Assist in designing and improving risk management processes and cyber risk reduction plans, including documentation of methodologies and reporting mechanisms.

Requirements:

• At least 5 years of experience carrying out risk assessments, information security surveys and regulatory processes

• Experience managing supplier surveys

• Experience in writing procedures, specification documents and work methodologies

• Experience leading ISO27001 certification and Privacy Act implementation

• Familiarity with different types of cyber-attacks, cyber risks and creation of cyber risk reduction plans

• Writing and upkeeping procedures, policies, specifications and work methodologies

• Familiarity with cyber security architecture – advantage

• Familiarity with information security standards and regulations (GDPR, PCI-DSS, HIPAA) – advantage

• Mother-tongue level English

What we can offer

• Additional 20 days of paid leave

• Remote work and flexible working hours

• Professional and career development benefits

• Top-quality work environment

• Online courses

• Online sports activities

• Team buildings and Christmas parties