|
Cybersecurity Third Party Risk Analyst
USA - Florida - Oviedo, USA - Georgia - Atlanta, USA - Illinois - Chicago, USA - Illinois - Schaumburg, USA - Indiana - Bloomington, USA - Indiana - Indianapolis, USA - Maryland - Columbia, USA - Massachusetts - Boston, USA - Massachusetts - Boxborough, USA - Massachusetts - Burlington, USA - Massachusetts - Marlboro, USA - Michigan - Detroit, USA - Michigan - Novi, USA - Minnesota - Bloomington, USA - Minnesota - Minneapolis, USA - Minnesota - Roseville, USA - Morrisville - North Carolina, USA - New Jersey - Bedminster, USA - New Jersey - Newark, USA - New York - New York City, USA - New York - Ossining, USA - North Carolina - Durham, USA - Ohio - Cincinnati, USA - Ohio - Columbus, USA - Pennsylvania - Allentown, USA - Tennessee - Nashville, USA - Texas - Addison, USA - Texas - Austin, USA - Texas - Dallas, USA - Texas - Houston, USA - Texas - Plano, USA - Virginia - Dulles, USA - Virginia - Herndon, USA - Williston - Vermont Job Description and Requirements Cybersecurity Third-Party Risk Analyst
At SIG, Synopsys' Software Integrity Group, we are enthusiastic learners and seasoned inventors. We are makers and visionaries who make technology safer. We are innovators who develop the best solutions to keep your software safe. Whether you're selling it directly to your customers or relying on it to run your operations, SIG helps you protect your bottom line by building trust in your software-at the speed your business demands. We embrace diversity as a company, so we can create solutions that serve not just technology but the humans behind it.
The Cybersecurity team is seeking a passionate, experienced, and collaborative Governance, Risk, and Compliance (GRC) practitioner to focus on our Third-Party Risk Management (TPRM) program.
Key Responsibilities
The Third-Party Risk Analyst supports Third-Party Risk Management (TPRM) activities and our overall GRC program. The Third-Party Risk Analyst is a critical position within the organization with supply chain risk management responsibilities affecting the organization globally. The Third-Party Risk Analyst enables and transforms the TPRM program, improves security compliance, and tracks third-party security risks with the potential to impact business operations, and develops, collects, and reports TPRM program metrics for decision-makers.
* Leverage industry frameworks and regulatory standards such as, for example, ISO 27001, ISO 27036, NIST SP 800-53, NIST SP 800-161, NIST SP 800-171, NIST CSF, and GDPR to support TPRM activities
* Work with internal stakeholders to build and enhance TPRM controls to improve our business risk posture
* Build, maintain supplier database; track vendor risk assessments and compliance status
* Engage vendors to validate compliance with contractual risk management obligations and vendor risk management framework
Qualifications
The Third-Party Risk Analyst possesses expert knowledge of computer, network, and information security methods and procedures to enable security risk oversight of all TPRM-related business activities. The Third-Party Risk Analyst has experience with risk assessments, risk analysis, ratings, and mitigation controls. Strong analytical and critical-thinking abilities are a must.
* Excellent oral and written communication skills are also a must
* University degree or equivalent certified education and experience
* Strong interpersonal and collaboration skills
* 5+ years of TPRM program implementation, processes, and practices experience
* Familiar with ISO and NIST security control frameworks
* Experience with TPRM tools, technology, and implementations
* Fluent verbal and written English
* Security credentials such as CRISC, CISSP, and related certifications preferred
About the Synopsys Software Integrity Group Synopsys Software Integrity Group helps organizations build secure, high-quality software, minimizing risks while maximizing speed and productivity. Synopsys, a recognized leader in application security, provides static analysis, software composition analysis, and dynamic analysis solutions that enable teams to quickly find and fix vulnerabilities and defects in proprietary code, open-source components, and application behavior. With a combination of industry-leading tools, services, and expertise, only Synopsys helps organizations maximize security and quality in DevSecOps and throughout the software development life cycle.
For more information, go to www.synopsys.com/software.
Synopsys considers all applicants for employment without regard to race, color, religion, sex, gender preference, national origin, age, disability, or status as a Covered Veteran in accordance with federal law. In addition, Synopsys complies with applicable state and local laws prohibiting discrimination in employment in every jurisdiction in which it maintains facilities. Synopsys Inc. also provides reasonable accommodation to individuals with a disability in accordance with applicable laws.
The base salary range across the U.S. for this role is between $157,000-$235,000 annually. In addition, this role may be eligible for an annual bonus, equity, and other discretionary bonuses. Synopsys offers comprehensive health, wellness, and financial benefits as part of a of a competitive total rewards package. The actual compensation offered will be based on a number of job-related factors, including location, skills, experience, and education. Your recruiter can share more specific details on the total rewards package upon request. Job Category Information Technology Job Subcategory IT Security Base Salary Range $157,000-$235,000 |
Synopsys
June 17, 2024