תיאור המשרה
Description
Every nation has data. Few can protect it. Fewer still can act on it.
Dream is the sovereign AI and national cyber-defense company for governments.
We help nations secure their most critical systems, connect fragmented information at a national scale, and turn their most sensitive data into decisions, all fully sovereign.
This is more than a job. It's a Dream job, where you'll work at a global scale alongside some of the best AI researchers, cyber operators, and government experts in the world.
The mission only works if the company behind it does. This role keeps Dream running at the scale our work demands. And our work demands a uniquely global scale.
The Dream Job
We are looking for a GRC Lead to establish, implement, and maintain a cross-organizational GRC program that supports the organization's growth and security objectives. This role will work closely with IT, Security, Legal, HR, and business stakeholders to develop and enforce governance processes, manage security and business risks, support compliance initiatives, and build a scalable security framework that enables business growth.
The Dream-Maker Responsibilities
Develop and maintain the organization's information security governance framework, including policies, standards, and procedures.
Establish and manage the enterprise security risk management process and maintain the corporate risk register.
Lead compliance initiatives and support external certifications and regulatory requirements.
Coordinate internal and external audits, including evidence collection, control reviews, and remediation tracking.
Develop and manage third-party/vendor risk assessment processes.
Monitor compliance with internal policies and security standards.
Support security awareness and policy communication across the organization.
Track security findings and remediation activities, providing regular reporting to management.
Partner with IT and Security teams to ensure governance processes align with operational realities and business objectives.
The Dream Skill Set
5+ years of experience in GRC, Information Security, or a related governance, risk, or compliance role.
Experience and understanding of common security frameworks and standards (e.g., ISO 27001, NIST CSF, SOC 2, CIS Controls, GDPR, CISM, CISSP, CRISC, CISA, and or similar frameworks).
Ability to build new processes and work independently in a growing organization.
Experience developing and maintaining security policies, standards, procedures, control matrices, evidence repositories, and audit documentation.
Experience with cloud security concepts and best practices across AWS and Azure, including IAM, logging and monitoring, configuration management, and observability.
Excellent communication and stakeholder management skills, with the ability to collaborate effectively across IT, Security, Engineering, Legal, HR, and business teams.
Ability to work across technical and business teams, balancing security, compliance, and business objectives.
Self-driven, hands-on, and comfortable establishing new processes, driving initiatives independently, and operating effectively in a fast-growing organization.
Never Stop Dreaming...
If you think this role doesn't fully match your skills but are eager to grow and break glass ceilings, we’d love to hear from you!
המשרה הזו רלוונטית עבורך?