Cybersecurity Architect (GRC & Risk)
IT
Herzliya, Israel
Posted on May 26, 2026
Cye is seeking a Cybersecurity Architect (GRC & Risk) to join our cybersecurity architecture team. In this role, you will lead security governance, risk, and control assessments, conduct third-party due diligence, support maturity assessments, and drive mitigation and architectural review processes. You’ll work closely with CISOs, security leaders, engineering teams, and customers to develop risk-focused methodologies and improve security frameworks. This position is best suited for candidates with a technical GRC, risk, or security assessment background who excel in analysis, interpretation, and structuring of security information.
Responsibilities
- Lead customer third‑party security due diligence assessments.
- Lead mitigation workshops to translate penetration test and assessment findings into prioritized remediation workplans.
- Perform security maturity assessments, including reviews of organizational policies, standards, procedures, and governance practices, aligned with the NIST CSF 2.0 cybersecurity framework.
- Develop and refine security methodologies, processes, and architectural guidance.
- Maintain internal documentation and ensure alignment between frameworks, processes, and practical implementation.
- Analyze technical findings and map them to governance, risk, and control gaps.
- Produce clear, structured reports and executive‑ready summaries for technical and non‑technical audiences.
Qualifications
- 3-4 years in cybersecurity GRC, IT risk, compliance, audit/assurance, or related process‑oriented security roles.
- Strong understanding of governance, risk management, and operational processes.
- Familiarity with cybersecurity frameworks (NIST CSF, ISO 27001 concepts), risk assessment, mitigation planning, and third‑party risk management.
- Basic conceptual understanding of cloud/SaaS shared responsibility models.
- Ability to communicate technical issues in business‑aligned language.
- Hands-on experience with security controls – an advantage.
- Strong writing, communication, and facilitation skills.
- Comfortable collaborating with internal stakeholders and external customers.
About us
Cye helps security and risk leaders gain a clear, defensible view of their cyber exposure, grounded in financial impact and real-world attack paths. By continuously quantifying exposure and validating it in context, organizations can establish a strong baseline, prioritize decisions with confidence, and track measurable reduction over time.