HiTakeJob

Controls & GRC Specialist - Fireblocks

  • Company: Fireblocks
  • Location: Tel Aviv-Yafo, Tel Aviv District, Israel

Job description

Run the auditor relationship: Act as the primary contact for our external auditors. Manage the auditor transition, scoping, walkthroughs, PBC and sample requests, evidence delivery, and resolution of deviations.

Responsibilities

  • Own the evidence: Personally collect, label, and file control evidence and screenshots. Maintain an audit-ready repository that stays current all year, not just at cycle time.
  • Define the requirements: Translate each control objective into testable specifications for Engineering, Infrastructure, Security, HR, and Finance. Identify gaps and drive them closed.
  • Run the auditor relationship: Act as the primary contact for our external auditors. Manage the auditor transition, scoping, walkthroughs, PBC and sample requests, evidence delivery, and resolution of deviations.
  • Represent us to customers: Lead customer-facing calls on the SOC 1 control environment, answer control questions directly, and confirm complementary user-entity controls (IP allowlisting, MFA, access approvals, authorized-user lists).
  • Execute the recurring controls: Run the operating cadence - weekly reconciliation minutes; quarterly access reviews; and the annual cycle covering penetration testing, cloud (AWS) SOC report review, board minutes, performance evaluations, and security training, including 30-day new-hire training.
  • Manage the access lifecycle: Oversee access-request approvals, terminations and offboarding, and privileged-access lists.
  • Hold the line on operational controls: Cover monitoring, vulnerability scanning (no open critical or high findings), backup and BCP/DR, and incident records.

Requirements

  • 3-5 years in IT compliance, IT audit, or GRC, including at least one full SOC 1 Type II cycle owned hands-on, from evidence collection through report issuance.
  • Finance reconciliation expertise: A strong grasp of transaction and balance reconciliation, controls over completeness and accuracy, and discrepancy resolution. Crypto or digital-asset reconciliation experience is a strong plus.
  • Hands-on tooling fluency: Comfortable working directly in AWS (IAM/SSO), GitHub, ticketing systems, monitoring, vulnerability scanners, and compliance tooling.
  • Documentation discipline: You produce clear, structured, audit-grade documentation as a matter of habit.
  • Cross-functional credibility: You're equally credible with engineers, finance teams, and external auditors, and you can move between those audiences without losing precision.
  • Customer-facing composure: You can represent a control environment to customers and stand behind it under scrutiny.
  • Ownership mindset: You treat the program as yours. You chase down evidence, follow up on gaps, and keep the repository ready without being asked.
  • Bias toward the practical: You balance control rigor with the realities of a fast-moving, global financial infrastructure business.