We are looking for an experienced and highly skilled Chief Information Security Officer (CISO) to lead and manage our company's information security program. As CISO, you will be the go-to person who is resposible for developing, impkementing, and maintaining a comprehensive security strategy to protect our organization's information assets, systems, and data from cyber threats and ensure copliance with relevant regulations.
This includes:
-
Develop and implement an enterprise-wide information security strategy, policies, and procedures aligned with industry bes practices and regulatory requirements
-
Identify, assess, and mitigate potential security risks and vulnerabilities through regular risk assessments, penetration testing, and security audits
-
Design, implement, and maintain security controls, including firewalls, intrusion detection/prevention systems, encryption, access controls, and other security technologies
-
Conduct security awareness training and education programs for employess to promote a strong security culture within the organization
-
Investigate and respond to security incidents, perform root cause analysis, and implement corrective measures to prevent future occurrences
-
Stay up-to-date with emerging cyberscurity threats, trends, and best practices, and adapt the security program accordingly
-
Collaborate with cross-functional teams, including IT and legal, to ensure the alignment of security initiatives with business objectives
-
Develop and maintain documentation, including security policies, procedures, and incident response plans
Note: This is a hands-on position
-
Minimum of 3-4 years of hands-on experience in information security, with a strong understanding of security principles, practices, and technologies
-
Proven experience in developing, implementing, and managing comprehensive security programs in a small or medium-sized organization
-
Strong knowledge of security frameworks, standards, and regulations (e.g., NIST, ISO, PCI-DSS, GDPR)
-
Expertise in risk assessment, security controls, incident response, and security auditing
-
Familiarity with security tools and technologies, such as firewalls, IDS/IPS, SIEM, vulnerability scanners, and encryption solutions
-
Knowledge of cloud security principles and practices
Established in 2005, yad2 is the #1 classified platform in Israel. The company is owned by the German media conglomerate Axel Springer and currently employs +300 individuals.
Our mission is to empower people to make smart decisions for themselves and future generations. We do this by continuously giving our sellers and buyers the tools, data, and services they need, as they move along their journey. We operate in 4 main verticals: Real Estate, Vehicles, Drushim IL, and Second-hand goods.
Our strong and leading brand is strengthened by our people, who are responsible for the company's success, and we are committed to creating the best workplace for them. We foster professionalism and excellence by promoting a culture of learning and professional development. We like to say that our employees have orange blood!
Three core values lead us in everything we do:
Go Bold - Having the courage to face challenges, make decisions and demand continuous improvement from others and oneself.
Be a pro - Being professional both in what you do and how you do it, keeping up to date to stay relevant, accountable and take responsibility for your work.
Work together - Creating partnerships, resolving conflicts and working collaboratively.
Our innovative minds in R&D lead us to success: improving our products, using cutting-edge technology, and influencing thousands of Israelis.
We use the latest and greatest technologies, including: node.js, react.js, react native, Microservices architecture, our infrastructure is 100% on AWS build on Kubernetes and Docker using Terraform, our data platform uses MongoDB, Elasticsearch, Spark, Kafka, and more.
To read more about our technology, click here.
What you will be doing
Your skills and experience
-
Certified Information Systems Security Professional (CISSP) Or Certified Information Security Manager (CISM)
-
Strong analytical, problem-solving, and decision-making skills
-
Excellent communication and interpersonal skills, with the ability to effectively communicate complex security concepts to both technical and non-technical audiences