SolarEdge is a top global leader, manufacturing smart energy solutions. The company's broad range of products encompasses intelligent inverter and storage systems & revolutionary EV chargers; by doing that, we are changing the way electricity is being produced and consumed around the world.
We are looking for a GRC and Data Protection Leader.
This is an individual contributor role that leads the GRC and data protection domain as part of the security group. The Governance, Risk, and Compliance Manager is responsible for assessing and documenting SolarEdge's compliance and risk posture as they relate to its information assets.
This role requires a high level of technical and information security expertise for the development and implementation of the information security risk management program.
This role will lead the ITGC domain, act as the liaison with Legal on the privacy domain, and collaborate with Product, R&D, MIS, IT, BI and Internal Controls. Responsibilities require leadership and project management experience, as well as expertise to ensure effective system-wide security and risk analysis; standards and testing; risk assessment; awareness and education; and development of policies, standards and guidelines.
What will you be doing:
- Collaborate to define and implement cyber security & ITGC standards and develop supporting organizational policies & procedures.
- Design technological solutions for controls and compliance in an automated environment.
- Design and implement data protection policies, processes, and procedures to align with GDPR and Information Security policies, both for on-prem and cloud-hosted data.
- Be the compliance and technical interface between Legal, Product and R&D in order to translate regulations into technological requirements as part of the privacy and security by design framework.
- Support internal and external audit processes for relevant compliance programs such as SOX and ISO.
- Perform security and compliance assessments on new and existing systems, processes and technology.
- Develop relevant documentation including workshop materials, process flows and policies & procedures.
- Perform business impact analysis and assist with the development of the IT/InfoSec risk register.
- Perform periodic gap assessments to validate compliance on an ongoing basis.
- Maintain an up-to-date understanding of legislation and regulations that impact information security, such as the Data Protection Act (2018) and GDPR.
- Develop and maintain the company awareness program.
- At least 3 years of experience with legal and regulatory compliance standards such as SOX / (ITGC) / ISO / GDPR.
- Security-related certification, such as CISA or CISM, is an advantage.
- Familiarity with ISMS and security frameworks, particularly NIST Cybersecurity Framework.
- Strong understanding of fundamental information security concepts and technology.
- Experience with IT governance, risk, and compliance management in a large global environment.
- Experience with the privacy domain and PIA processes is an advantage.
- Excellent interpersonal and communication skills
- Strong presentation skills
- Advanced project management skills
- Ability to work independently as well as within a team
- Ability to work in a global environment
- Desire for constant improvement
- Passion for problem solving and simplification of complex problems