r2net
IT GRC Analyst
Job description
The Information Technology, Governance, Risk, and Compliance (IT GRC) Analyst will play a key role in ensuring organizational compliance with critical regulations and standards, including SOX, PCI assessments, and GDPR. This role involves working closely with various departments to ensure Information Technology General Controls (ITGC) policies are comprehensive, current, and consistently adhered to. This position requires complete fluency in both English and Hebrew and the ability to work on-site in Herzliya in a hybrid model.
Key Responsibilities
- Policy & Compliance Management: Maintain, review, and update IT security and compliance policies, procedures, and standards.
- Audit & Testing: Conduct continuous compliance auditing, specifically focusing on change management tickets and user provisioning (creation and termination) lifecycles.
- Access Certifications: Manage and execute quarterly user access certification processes, coordinating closely with business owners.
- Assessments: Assist with annual PCI Self-Assessment Questionnaires (SAQ) and regular risk evaluations.
- Collaboration: Partner with internal team members, cross-functional stakeholders, external audit firms, contractors, and vendors to drive GRC initiatives forward.
- Regulatory Awareness: Stay updated on evolving regulatory landscapes, specifically SOX, PCI, and GDPR requirements.
Qualifications & Requirements
Experience & Education
- Experience: 2 to 4 years of hands-on experience in the IT Audit, IT Compliance, or Cyber Risk field.
- Education: Bachelor’s degree in an IT-related field preferred, or equivalent practical experience.
Technical Skills & Tools
- Foundational knowledge of SOX, PCI-DSS, and GDPR regulations and frameworks.
- Proficiency in the MS Office suite.
- Experience with GRC platforms, specifically Optro (formerly Auditboard), is a strong plus.
- Relevant professional certifications (e.g., CISA, CISSP, CIA) are highly preferred.
Core Competencies & Language
- Complete fluency in both English and Hebrew (written and spoken) is mandatory.
- Strong attention to detail, analytical capabilities, and excellent organizational skills.


