IT & Specialized Assurance Consultant

The IT risk management team specializes in identifying and mitigating technological risks, designing solutions, and advancing systems and processes to prevent potential business damage and minimize risks. Our managers lead projects with local experts drawing on global experience, unique methodologies, and advanced technological tools—serving leading companies in technology, industry, and finance in both the Israeli and global markets. The team works on IT risk management and governance projects with Deloitte US and Israel’s most influential companies, including major banks and top global technology firms. Role Responsibilities: Leading and managing multiple IT risk management projects—including Information Security, IT Governance, and Compliance (GRC) initiatives—for clients in various sectors. Overseeing and orchestrating SOC2/SOC1 audits, information systems risk and cyber risk surveys, and both external and internal IT audit processes. Designing, implementing, and advising on methodologies regarding testing and automation of controls in key business processes and IT systems, including cloud and digital transformation risks. Providing in-depth consultancy on authorizations and segregation of duties (SoD) in IT systems and business operations. Acting as a subject matter expert for clients and internal teams, delivering presentations, methodologies, and best practices. Developing relationships with key client stakeholders and representing the team in management forums. Mentoring, guiding, and developing junior staff. Hybrid work—office (Tel Aviv) and remote

Bachelor’s degree—mandatory; advanced degree (advantage). At least 5 years of relevant experience in information security, GRC, SOC2, ISO27001, or related IT risk management fields—mandatory. Proven experience in leading/motivating teams or project management—mandatory. High level of English (spoken and written)—mandatory. Additional languages—advantage. Substantial hands-on knowledge of security and compliance standards (SOC2, SOC3, FedRAMP, CJIS, GDPR, NIST 800-53, etc.). Strong analytical, communication, and presentation skills. Ability to manage multiple projects, prioritize, and deliver high-quality results under tight deadlines. Advantage: Experience working with global teams or international clients.