Cyber Risk Management Specialist

Cyber Risk Management Specialist at Israel Securities Authority

The Israel Securities Authority is seeking a Cyber Risk Management Specialist to join their dynamic team. This pivotal role involves ensuring the robust management of cyber and technological risks within the financial sector, contributing to the stability and integrity of the capital market.

Key Responsibilities

• Professionally and methodologically examine documents, expert opinions, and professional approvals related to technology and cybersecurity, submitted for licensing, supervision, and control processes.
• Develop, formulate, and implement methodologies and tools for comprehensive oversight of cyber risk management, IT, and operational resilience across supervised entities.
• Continuously monitor, learn, and analyze trends, developments, and professional practices in cyber and technology, both locally and internationally, translating them into actionable insights.
• Provide expert assistance to supervision units in analyzing reports, cyber incidents, and operational disruptions, including formulating professional opinions and highlighting systemic risks.
• Conduct audits on relevant topics, including formulating findings, recommendations, and drafting comprehensive audit reports.

Required Skills and Qualifications

This role is ideal for individuals with a deep understanding of cyber and technology risk management, strong critical thinking, exceptional analytical abilities, and professional curiosity. The successful candidate will be adept at bridging the gap between technology, cyber, IT, and the regulatory/supervision landscape. A systemic vision and a desire to influence broad standards and processes within the capital market are essential.

Minimum Requirements

• Academic education or equivalent formal training in cyber risk management, information security, or technological risk management.
• At least 3 years of professional experience in methodological cyber risk management, including regulatory work, auditing, risk management, or similar roles.
• Familiarity with recognized industry frameworks and standards such as ISO 27001, NIST, and others.

Significant Advantages

• Experience working within a financial institution, institutional body, financial regulator, or a consulting firm serving such entities in cyber risk management.
• Proven experience in writing policy documents, regulatory instructions, or methodological guidelines.
• Practical experience in conducting information security, IT, or cyber audits.
• Practical experience in performing information security, IT, or cyber risk assessments.
• Hands-on experience and familiarity with cloud environments (e.g., AWS, Azure, GCP) and their associated information security and risk management aspects.
• Professional certifications such as CISSP, CISM, CRISC, CISA.

Work Environment & Benefits

The position is located at the Israel Securities Authority offices in Tel Aviv. A hybrid work model is available, offering a blend of office and remote work. Compensation will be competitive and based on the candidate's qualifications and experience. Please note that employees of the Authority are subject to certain restrictions regarding securities acquisition as per Section 5 of the Securities Law, 1968, and will undergo conflict of interest and reliability assessments.

Key skills/competency

• Cyber Risk Management
• Information Security
• IT Risk Management
• Regulatory Compliance
• Operational Resilience
• Audit & Assessment
• NIST Framework
• ISO 27001
• Cloud Security (AWS, Azure, GCP)
• Financial Services Regulation