GRC specialist
Poland
Remote/Hybrid
Orca Security is a cybersecurity startup and cloud innovation leader. Founded in 2019 in Israel by former Check Point managers, it raised $630+ million and became a 'unicorn' in 2021.

Orca Security uses its patent-pending SideScanning™ technology to deliver the world's most comprehensive coverage and visibility of risks across the cloud infrastructure. It deploys in minutes, detecting malware, vulnerabilities, misconfigurations, password leaks and much more, and prioritizes risks based on the environmental context.

Headquartered in Tel Aviv, Orca Security is currently taking over the market, building a challenging, interesting, and fast-paced product that defines the future of the cloud security industry.
About the role

Dive right in. Swim with our pod. At Orca, we believe that in the right environment and with the right team, talent has no boundaries. This team spirit, together with our drive to always aim high (because the cloud is the limit), has quickly earned us unicorn status and turned us into a global cloud security innovation leader. So if you’re ready to join an amazing team of people who inspire each other every day, now is the time to find your place in our pod.



Responsibilities:


  • Conduct vendor assessment processes for vendors of all risk levels in a thorough and professional manner
  • Manage security and privacy audits, such as ISO 27001, SOC 2 and FedRAMP, including collecting evidence, collaborating with stakeholders and reporting to auditors
  • Update policies, including exceptions and suggestions for corrective actions
  • Work on cross-group projects, such as user management and compliance solutions
  • Participate in the overall client-facing security efforts: answer security questionnaires from customers, review legal contracts and exhibits from a security perspective, update and maintain our internal knowledge base
  • Advise and suggest relevant solutions in order to achieve product compliance

Requirements:


  • 2-4 years of professional experience working in a global software vendor/SaaS company in an in-house GRC, Information Security, compliance or similar position
  • Strong understanding of security and privacy frameworks, such as ISO 27001, SOC 2, GDPR, and NIST (an advantage)
  • Experience building and implementing cross-organizational processes
  • Strong sense of ownership and responsibility
  • Project management and organizational skills, alongside ability to handle multiple tasks simultaneously
  • Technical orientation and ability to collaborate with various stakeholders
  • High level of professionalism, detail-oriented, proactive and motivated
  • A 'can do' attitude, creativity and problem-solving approach
  • Legal knowledge and understanding - an advantage

Benefits

  • Work in a highly professional team. Informal and friendly atmosphere in the team
  • Ability to work from our comfortable downtown office in Warsaw

  • Paid vacation — 20 business days per year, 100% sick leave payment
  • 5 sick days per year
  • Equipment provision
  • Inflation-protected wages with regular revision of compensation conditions
  • Partially compensated educational costs (for courses, certifications, professional events, etc.)
  • Legal and Accounting support in Poland
  • English and Polish classes 2 times a week
  • Medical insurance (after the end of the probationary period)

  • Bright and memorable corporate life: corporate parties, gifts to employees on significant dates
Join Orca Security ✨
Please note that you should have a PBH visa/Karta pobytu (residence card)/Polish passport to be considered for this position. Thank you!
Iryna Hudozhnikava
Recruiter
iryna.hudozhnikava@onthespotdev.com