Head of GRC

Posted Yesterday
Be an Early Applicant
Tel Aviv-Yafo
Hybrid
Senior level
Productivity • Software
monday.com makes work click
The Role
The Head of GRC will lead the Governance, Risk Management, and Compliance team, ensuring adherence to regulations and standards while managing security risks at the company. Responsibilities include policy execution, risk assessments, vendor management, employee training, and customer engagement on security matters.
Summary Generated by Built In

We are looking for a highly skilled, motivated and experienced global Head of GRC (Governance, Risk Management & Compliance) to join us! 

This role will own the GRC domain, lead a boutique team and play a key position in the Security Leadership group (reporting to the CISO) and its vision for the company's scale. The role includes work with different levels of seniority from various domains and will possess strong capabilities of collaborative work and communication skills. 

This is a unique opportunity to play a pivotal role in ensuring that our organization adheres to regulatory requirements, industry standards and best practices while effectively managing risks associated with the security operations, especially in light of our fast growth and readiness for scale.


About The Role:

  • Leadership: Lead the team, develop and empower the team’s personnel (e.g. crafting a PDP - Personal Development Plan), alongside planning the team’s vision, budget, OKRs, annual work plan (consisting of both innovation and operations activities) and additional duties as needed.
  • Governance: review, update, and execute policies, procedures, and ceremonies to ensure alignment with global regulations, compliance programs and customer requirements.
  • Risk management: managing the company's comprehensive security risks, including incident response procedures and activities, resilience statusת risk assessments and remediation plans, considering global threats as well as internal business changes and demands.
  • Compliance: manage monday.com’s compliance domain, ensuring compliance with current certifications (e.g. ISO, SOC), while extending the compliance suite based on business impact.
  • Third party risk management: responsible for the vendor assessment program, for both ongoing processes and new initiatives for improving efficiency.
  • Employees education: lead the monday.com’s security awareness & training program for employees in general and for specific departments (e.g. customer facing, R&D).
  • Customer enablement: the main point of contact for customers regarding security inquiries, including managing top-tier customer calls, legal agreements and questionnaires. In parallel, create customer-facing materials to enhance customer understanding of monday.com's security posture.

Requirements

  • Minimum of 5 years of experience in GRC roles, with at least 2 years in leading teams, preferably in SaaS companies of 500+ employees.
  • Strong understanding and practical experience of industry standards and frameworks such as ISO 27001, SOC2, NIST, GDPR, HIPAA.
  • Legal background - an advantage.
  • Advanced knowledge of risk assessment methodologies, controls implementation, incident response management, vendor assessment, awareness initiatives, and compliance monitoring.
  • Ability to assess and communicate effectively security and privacy risks to technical and non-technical stakeholders of different seniority.
  • Proven track record of successfully leading and managing teams, including strong decision-making and problem-solving skills, and ability to foster a collaborative and inclusive work environment.
  • Excellent verbal and written communication skills in English and Hebrew, and ability to communicate complex concepts in a clear manner.
  • Strong analytical and critical thinking skills to identify risks, gaps, and areas of improvement in existing processes and create strategies for mitigating risks effectively.
  • Demonstrated ability to handle multiple tasks, prioritize effectively, and meet deadlines in a dynamic and fast-paced environment.

What the Team is Saying

Matthew Burns
Nate
Ruchita
Dipro
Nate
Kyle
The Company
HQ: New York, NY
1,500 Employees
Hybrid Workplace
Year Founded: 2012

What We Do

monday.com is a work operating system that transforms the way teams work together. We’ve created a solution that connects people to workplace processes promoting a culture of transparency & empowerment. We're obsessed with building an excellent product. Our goal is to create a work operating system that people will love to use—one that’s fast, beautiful & responsive.

Why Work With Us

At monday.com we believe in transparency, accountability, and impact. Together, those values have lent themselves to create a strong culture of professional and creative autonomy where every team member is encouraged to share ideas and help bring them to life!

Gallery

Gallery

monday.com Offices

Hybrid Workspace

Employees engage in a combination of remote and on-site work.

monday.com embraces a flexible work environment with our hybrid model!

Typical time on-site: 3 days a week
HQNew York, NY
Chicago, IL
Denver, CO
London, GB
Melbourne, VIC
Miami, FL
São Paulo, BR
Sydney, NSW
Tel Aviv-Yafo, IL
Warsaw, PL
Learn more

Sign up now Access later

Create Free Account

Please log in or sign up to report this job.

Create Free Account