GRC Specialist

Description

We’re growing and looking to hire a GRC Specialist who embodies our core values: People First, Customer Obsession, Strive for Excellence, and Integrity.

Claroty is on a mission to secure cyber-physical systems across industrial, healthcare, commercial and public sector environments: the Extended Internet of Things (XIoT). The Claroty Platform integrates with customers’ existing infrastructure to provide a full range of controls for visibility, exposure management, network protection, threat detection, and secure access. Our solutions are deployed by over 1,000 organizations at thousands of sites across all seven continents.

Claroty is headquartered in New York City, with employees across the Americas, Europe, Asia-Pacific, and Tel Aviv. The company is widely recognized as the industry leader in cyber-physical systems protection, with backing from the world’s largest investment firms and industrial automation vendors, as well as recognition from KLAS Research as Best in KLAS for Healthcare IoT Security, the Deloitte Technology Fast 500, the Forbes Cloud 100, and the Fortune Cyber 60. 

About the Position

Claroty is a forward-thinking organization dedicated to maintaining the highest standards of security and compliance. We are committed to fostering a secure environment for our clients and employees by implementing robust governance, risk management, and compliance (GRC) practices. We are currently seeking a dedicated and detail-oriented GRC Specialist to join our dynamic Security Department.

As a GRC Specialist, you will play a critical role in supporting the GRC Manager to ensure that our organization's governance, risk management, and compliance programs are effectively implemented and maintained. You will be responsible for assisting in the development, implementation, and monitoring of GRC processes to ensure compliance with regulatory requirements and internal policies.

Responsibilities

Assist the GRC Manager in developing and maintaining GRC frameworks, policies, and procedures.

- Conduct risk assessments and identify potential areas of vulnerability and risk within the organization.

- Monitor and report on compliance with regulatory requirements and internal policies.

- Assist in the development and delivery of GRC training programs for staff.

- Support the implementation and maintenance of GRC tools and systems.

- Conduct regular audits and assessments to ensure compliance with established GRC policies and procedures.

- Collaborate with various departments to ensure a cohesive approach to governance, risk management, and compliance.

- Assist in the preparation of reports and documentation for internal and external stakeholders.

- Stay up-to-date with industry best practices and regulatory changes to ensure the organization's GRC practices remain current and effective.

Requirements

Excellent English reading and writing skills

Familiarity with organizational staging tools (Monday, Confluence, excel)

- Bachelor's degree in Information Security, Risk Management, law, or a related field.

- 2+ years of experience in a GRC role or a similar position within the security department.

- Strong understanding of GRC frameworks and best practices.

- Experience with risk assessment and management processes.

- Knowledge of relevant regulatory requirements and standards (e.g., GDPR, ISO 27001, NIST).

- Excellent analytical, problem-solving, and communication skills.

- Ability to work independently and collaboratively within a team environment.

- Strong attention to detail and organizational skills.

- Professional certifications such as CISA, CISO, or CISSP are a plus.