Cyber TGRC

About the Cyber TGRC Role at Elbit Systems Israel

Lead Technology Governance, Risk, and Compliance (TGRC) within the cybersecurity domain at Elbit Systems Israel. This critical role involves implementing robust security policies, diligently reducing organizational risk, and ensuring comprehensive compliance with a wide array of international regulations and industry standards.

Role Benefits

• Direct impact on organizational cyber resilience, meticulously aligned to business objectives.
• Broad exposure to cutting-edge technologies, complex regulations, and essential cross-functional collaboration.

Key Responsibilities

• Developing and implementing comprehensive Cyber TGRC frameworks.
• Conducting thorough risk assessments and defining effective mitigating controls.
• Establishing and maintaining robust policies, standards, and procedures, meticulously aligned with international frameworks such as ISO 27001, NIST, and CIS Controls.
• Managing intricate compliance requirements including GDPR, SOX, ITAR/EAR, and other relevant regulations.
• Planning and executing internal and external audits, actively leading corrective actions to closure.
• Collaborating seamlessly with IT/OT, Legal, Procurement, and various business stakeholders.
• Supporting incident response activities with timely regulatory reporting and governance oversight.

Qualifications and Skills

Candidates for the Cyber TGRC position should be adept at measuring, monitoring, and reporting the organization's risk posture and key performance indicators (KPIs) to leadership effectively.

Requirements

• At least 3 years of proven experience in GRC/Information Security.
• Deep knowledge of critical standards and regulations, including ISO 27001, NIST-CSF, CIS Controls, and GDPR.
• Strong technical understanding across diverse domains such as infrastructure, cloud environments, networking, and OT protocols.
• Demonstrable experience in project management, policy writing, and control implementation.
• Excellent English proficiency, both written and verbal, is essential.
• Relevant certifications such as CISM, CRISC, or ISO 27001 Lead Implementer/Lead Auditor are a significant advantage.
• Possess strong analytical thinking and a keen risk management orientation.
• Excellent communication and stakeholder engagement abilities.
• Proven executive reporting and documentation capabilities.
• A proactive, accountable, and independent working style.

Key skills/competency

• Cybersecurity
• Governance Risk Compliance
• Information Security
• Risk Management
• Compliance Management
• ISO 27001
• NIST CSF
• GDPR
• Audit Management
• Policy Development