Cyber Security Specialist

Information Security Specialist We Are: At Synopsys, we drive the innovations that shape the way we live and connect. Our technology is central to the Era of Pervasive Intelligence, from self-driving cars to learning machines. We lead in chip design, verification, and IP integration, empowering the creation of high-performance silicon chips and software content. Join us to transform the future through continuous technological innovation. You Are: You are a dedicated and experienced Information Security Analyst with a strong background in Governance, Risk, and Compliance (GRC). You have a passion for solving security challenges and uphold high personal and professional ethical standards. Your quantitative and analytical skills are evident in your work, and you are adept at using GRC tools to enhance security protocols. You are knowledgeable about security control frameworks such as ISO 27001, SOC 2 Type II, NIST 800-53, and NIST CSF, and you can present security risks to a wide audience, including senior management. You thrive in a global team environment and have a comprehensive understanding of IT, data, and security processes. Your communication skills are strong, and you are fluent in English, enabling you to effectively liaise with various stakeholders across the organization. What You’ll Be Doing:

• Conduct third-party (vendor) risk assessments in collaboration with stakeholders.
• Provide security requirements to both internal partners and external third-party providers.
• Identify, document, monitor, and report on risk register items, KPI/KRI, including the monitoring of security control efficacy.
• Understand and apply security functions such as Incident Management, Change Management, Identity and Access Management, and Vendor Security Risk Management.
• Work closely with the Synopsys Information Security Team to detect potential security weaknesses and develop creative solutions tailored to Synopsys' unique business and systems architecture.
• Interact with Synopsys IT and business stakeholders to understand risks to critical infrastructure and define potential business impacts, applying effective mitigation strategies.
• Maintain, enforce, and track the Synopsys Information Security Exception process.
• Stay current with industry, regulatory, and legal requirements relevant to security, compliance, and privacy.

The Impact You Will Have:

• Enhance Synopsys' risk management program to address the evolving cybersecurity threat landscape.
• Improve compliance with regulatory requirements as the company continues to grow.
• Strengthen the overall security and compliance posture of Synopsys.
• Ensure effective risk mitigation controls are implemented and monitored.
• Facilitate a secure environment for Synopsys' critical infrastructure and data.
• Contribute to the development of innovative solutions to address unique security challenges.

What You’ll Need:

• Bachelor’s degree in Computer Science, Information Systems, or a related field.
• 5 - 7 years of experience in information security or a related field.
• Knowledge of common certification and attestation programs such as ISO 27001, SOC2 Type II.
• Practical working experience with control frameworks such as ISO 27001, NIST 800-53, NIST CSF, etc.
• Excellent organizational skills with attention to detail and the ability to multitask for project prioritization.
• Effective communication skills with internal and external customers, executive managers, and team members.
• Ability to understand compliance requirements and provide meaningful examinations.

Who You Are: You are an analytical thinker with a passion for cybersecurity. You possess high ethical standards and a strong understanding of governance, risk, and compliance. Your communication skills are exceptional, and you can work seamlessly in a global team. You are detail-oriented, organized, and can multitask effectively. Your knowledge of security frameworks and your ability to present security risks to diverse audiences make you a valuable asset to the team. The Team You’ll Be A Part Of: You will be part of the Synopsys Corporate Information Security group, working within a mature GRC team. The team is dedicated to enhancing Synopsys' security and compliance posture by leveraging industry frameworks and regulatory standards. You will collaborate with stakeholders across various business groups, including Finance, Legal, Audit, HR, and IT, to implement new solutions and processes. Rewards and Benefits: We offer a comprehensive range of health, wellness, and financial benefits to cater to your needs. Our total rewards include both monetary and non-monetary offerings. Your recruiter will provide more details about the salary range and benefits during the hiring process.