GRC Specialist

Tel Aviv

Dive right in. Swim with our pod.

At Orca, we believe that in the right environment and with the right team, talent has no boundaries. This team spirit, together with our drive to always aim high (because the cloud is the limit), has quickly earned us unicorn status and turned us into a global cloud security innovation leader.

So if you’re ready to join an amazing team of people who inspire each other every day, now is the time to find your place in our pod. 

We’re looking for driven and talented people like you to join our cloud security team and our mission to change the future of cloud security.

Ready to dive in and swim with our pod?


● Fast growth: This company has momentum. It’s THE opportune time to join Orca Security. 

● Disruptive technology: Orca Security completely changed the way cloud is secured and is leading a new approach of how security solutions should be built. It’s completely agentless and detects every important risk in the cloud environment down to the data layer. It’s fast, simple, and complete.

● Well-capitalized: Total funding is almost $630MM in less than 24 months. CapitalG, Redpoint, GGV, YL Ventures, and SVCI. SVCI is a syndicate of CISOs who invested their own money after careful due diligence.

● Founded and led by 8 architects and executives from Check Point and quickly joined by many senior engineers from Palo Alto and Check Point. 

We are looking for a talented, highly motivated multi-tasker and demonstrated team player to join us as a GRC Specialist, part of the GRC Team, to participate in all aspects of compliance, risk management and processes in the security field. As a GRC Specialist at Orca, you will have the chance to make an immediate global impact in the company.

On a typical day you'll:

• Conduct vendor assessment processes for all types of risk level vendors in a thorough and professional manner.
• Lead an employee awareness and training program, including, for example, building phishing campaigns, online tutorials, Security & Privacy materials.
• Manage security and privacy audits, such as ISO 27001, SOC 2 and FedRAMP, including collecting evidence, collaborating with stakeholders and reporting to auditors.
• Update policies, including exceptions and suggestions for corrective actions.
• Lead cross-group projects, such as user management and compliance solutions.
• Participate in the overall security-client-facing efforts: answer security questionnaires from customers, review legal contracts and exhibits from a security perspective, update and maintain our internal knowledge base.
• Function as a go-to person for employees in security and compliance matters.
• Advise and suggest relevant solutions in order to achieve product compliance.

About you:

  • 2-4 years of professional experience working in a global software vendor/SaaS company as in-house GRC, Information Security, compliance or similar position.
  • Strong understanding of security and privacy frameworks, such as ISO 27001, SOC 2, GDPR, and NIST (an advantage).
  • Legal knowledge and understanding – An Advantage.
  • Experience building and implementing cross-organizational processes.
  • Strong sense of ownership and responsibility.
  • Project management and organizational skills, alongside ability to handle multiple tasks simultaneously.
  • Technical orientation and ability to collaborate with various stakeholders.
  • High level of professionalism, detail-oriented, proactive and motivated.
  • A 'can do' attitude, creativity and problem-solving approach.
  • Excellent communication skills in Hebrew and English, both written and verbal.

