monday.com
Head of GRC
monday.com, Chicago, Illinois, United States,
We are looking for a highly skilled, motivated and experienced global Head of GRC (Governance, Risk Management & Compliance) to join us!This role will own the GRC domain, lead a boutique team and play a key position in the Security Leadership group (reporting to the CISO) and its vision for the company's scale. The role includes work with different levels of seniority from various domains and will possess strong capabilities of collaborative work and communication skills.This is a unique opportunity to play a pivotal role in ensuring that our organization adheres to regulatory requirements, industry standards and best practices while effectively managing risks associated with the security operations, especially in light of our fast growth and readiness for scale.About The Role
Leadership : Lead the team, develop and empower the team’s personnel (e.g. crafting a PDP - Personal Development Plan), alongside planning the team’s vision, budget, OKRs, annual work plan (consisting of both innovation and operations activities) and additional duties as needed.Governance : Review, update, and execute policies, procedures, and ceremonies to ensure alignment with global regulations, compliance programs and customer requirements.Risk management : Managing the company's comprehensive security risks, including incident response procedures and activities, resilience status, risk assessments and remediation plans, considering global threats as well as internal business changes and demands.Compliance : Manage monday.com’s compliance domain, ensuring compliance with current certifications (e.g. ISO, SOC), while extending the compliance suite based on business impact.Third party risk management : Responsible for the vendor assessment program, for both ongoing processes and new initiatives for improving efficiency.Employees education : Lead the monday.com’s security awareness & training program for employees in general and for specific departments (e.g. customer facing, R&D).Customer enablement : The main point of contact for customers regarding security inquiries, including managing top-tier customer calls, legal agreements and questionnaires. In parallel, create customer-facing materials to enhance customer understanding of monday.com's security posture.Your Experience & Skills
Minimum of 5 years of experience in GRC roles, with at least 2 years in leading teams, preferably in SaaS companies of 500+ employees.Strong understanding and practical experience of industry standards and frameworks such as ISO 27001, SOC2, NIST, GDPR, HIPAA.Legal background - an advantage.Advanced knowledge of risk assessment methodologies, controls implementation, incident response management, vendor assessment, awareness initiatives, and compliance monitoring.Ability to assess and communicate effectively security and privacy risks to technical and non-technical stakeholders of different seniority.Proven track record of successfully leading and managing teams, including strong decision-making and problem-solving skills, and ability to foster a collaborative and inclusive work environment.Excellent verbal and written communication skills in English and Hebrew, and ability to communicate complex concepts in a clear manner.Strong analytical and critical thinking skills to identify risks, gaps, and areas of improvement in existing processes and create strategies for mitigating risks effectively.Demonstrated ability to handle multiple tasks, prioritize effectively, and meet deadlines in a dynamic and fast-paced environment.We believe in equal opportunity.monday.com is an equal opportunity employer and bans discrimination and harassment of any kind. monday.com is committed to the standard of equal employment opportunity for all employees and to creating and maintaining a workplace free of discrimination and harassment.All qualified applicants will be considered for employment regardless of any personal characteristic. We encourage candidates from all backgrounds to apply, regardless of their race, religion, national origin, ethnicity, sexual orientation, gender identity, age, marital status, family or parental status, physical or mental disability or any other status protected by the laws or regulations in the locations where monday.com operates.monday.com is committed to working with and providing access and reasonable accommodation to applicants with any disabilities. If you think you may require accommodation for any part of the recruitment process, please send a request to accommodations@monday.com.All requests for accommodation are treated confidentially, as practical and permitted by law.Meet the Security team
We are responsible for providing our customers, employees, and management with best-in-class security in order to promote our business goals and company growth.
#J-18808-Ljbffr
Leadership : Lead the team, develop and empower the team’s personnel (e.g. crafting a PDP - Personal Development Plan), alongside planning the team’s vision, budget, OKRs, annual work plan (consisting of both innovation and operations activities) and additional duties as needed.Governance : Review, update, and execute policies, procedures, and ceremonies to ensure alignment with global regulations, compliance programs and customer requirements.Risk management : Managing the company's comprehensive security risks, including incident response procedures and activities, resilience status, risk assessments and remediation plans, considering global threats as well as internal business changes and demands.Compliance : Manage monday.com’s compliance domain, ensuring compliance with current certifications (e.g. ISO, SOC), while extending the compliance suite based on business impact.Third party risk management : Responsible for the vendor assessment program, for both ongoing processes and new initiatives for improving efficiency.Employees education : Lead the monday.com’s security awareness & training program for employees in general and for specific departments (e.g. customer facing, R&D).Customer enablement : The main point of contact for customers regarding security inquiries, including managing top-tier customer calls, legal agreements and questionnaires. In parallel, create customer-facing materials to enhance customer understanding of monday.com's security posture.Your Experience & Skills
Minimum of 5 years of experience in GRC roles, with at least 2 years in leading teams, preferably in SaaS companies of 500+ employees.Strong understanding and practical experience of industry standards and frameworks such as ISO 27001, SOC2, NIST, GDPR, HIPAA.Legal background - an advantage.Advanced knowledge of risk assessment methodologies, controls implementation, incident response management, vendor assessment, awareness initiatives, and compliance monitoring.Ability to assess and communicate effectively security and privacy risks to technical and non-technical stakeholders of different seniority.Proven track record of successfully leading and managing teams, including strong decision-making and problem-solving skills, and ability to foster a collaborative and inclusive work environment.Excellent verbal and written communication skills in English and Hebrew, and ability to communicate complex concepts in a clear manner.Strong analytical and critical thinking skills to identify risks, gaps, and areas of improvement in existing processes and create strategies for mitigating risks effectively.Demonstrated ability to handle multiple tasks, prioritize effectively, and meet deadlines in a dynamic and fast-paced environment.We believe in equal opportunity.monday.com is an equal opportunity employer and bans discrimination and harassment of any kind. monday.com is committed to the standard of equal employment opportunity for all employees and to creating and maintaining a workplace free of discrimination and harassment.All qualified applicants will be considered for employment regardless of any personal characteristic. We encourage candidates from all backgrounds to apply, regardless of their race, religion, national origin, ethnicity, sexual orientation, gender identity, age, marital status, family or parental status, physical or mental disability or any other status protected by the laws or regulations in the locations where monday.com operates.monday.com is committed to working with and providing access and reasonable accommodation to applicants with any disabilities. If you think you may require accommodation for any part of the recruitment process, please send a request to accommodations@monday.com.All requests for accommodation are treated confidentially, as practical and permitted by law.Meet the Security team
We are responsible for providing our customers, employees, and management with best-in-class security in order to promote our business goals and company growth.
#J-18808-Ljbffr