Cybersecurity Architect (GRC & Risk)
CYE
IT
Herzliya, Israel
Posted on May 26, 2026
Cye is seeking a Cybersecurity Architect (GRC & Risk) to join our cybersecurity architecture team. In this role, you will lead security governance, risk, and control assessments, conduct third-party due diligence, support maturity assessments, and drive mitigation and architectural review processes. You’ll work closely with CISOs, security leaders, engineering teams, and customers to develop risk-focused methodologies and improve security frameworks. This position is best suited for candidates with a technical GRC, risk, or security assessment background who excel in analysis, interpretation, and structuring of security information.
Responsibilities
- Lead customer third‑party security due diligence assessments.
- Lead mitigation workshops to translate penetration test and assessment findings into prioritized remediation workplans.
- Perform security maturity assessments, including reviews of organizational policies, standards, procedures, and governance practices, aligned with the NIST CSF 2.0 cybersecurity framework.
- Develop and refine security methodologies, processes, and architectural guidance.
- Maintain internal documentation and ensure alignment between frameworks, processes, and practical implementation.
- Analyze technical findings and map them to governance, risk, and control gaps.
- Produce clear, structured reports and executive‑ready summaries for technical and non‑technical audiences.
Qualifications
- 3-4 years in cybersecurity GRC, IT risk, compliance, audit/assurance, or related process‑oriented security roles.
- Strong understanding of governance, risk management, and operational processes.
- Familiarity with cybersecurity frameworks (NIST CSF, ISO 27001 concepts), risk assessment, mitigation planning, and third‑party risk management.
- Basic conceptual understanding of cloud/SaaS shared responsibility models.
- Ability to communicate technical issues in business‑aligned language.
- Hands-on experience with security controls – an advantage.
- Strong writing, communication, and facilitation skills.
- Comfortable collaborating with internal stakeholders and external customers.
About us
CYE’s SaaS platform and experts enable security leaders to execute optimized security programs with significant business impact. CYE serves large companies in multiple industries around the world. With offices in Israel, New York, and London, CYE is funded by EQT Private Equity and 83North.