Cybersecurity GRC Risk Engineer

Ansys is the global leader in engineering simulation, helping the world's most innovative companies deliver radically better products to their customers. By offering the best and broadest portfolio of engineering simulation software, Ansys helps companies solve the most complex design challenges and engineer products limited only by imagination.

Summary

As our Cybersecurity GRC Risk Engineer, you will work closely with Cybersecurity peers, the Infrastructure and Operations (I&O) team, and various business units and departments to review, verify, and ensure that Ansys cybersecurity vulnerability management standards and policies are implemented correctly and effectively throughout all Ansys environments. Together with the Cybersecurity Architecture team, you will be providing guidance and technical direction in the management, remediation, and monitoring of vulnerabilities to ensure the confidentiality, integrity, and availability of Ansys information assets.

Responsibilities

• Respond to internal requests for guidance and support on the implementation of security controls, patches, and vulnerability management guidance

• Communicate effectively with internal teams and customers to understand request(s)

• Operate and/or manage various risk and vulnerability management platforms, including Kenna, MS Defender, Tenable, Wiz.io and ServiceNOW

• Maintain Ansys’ public Security Scorecard profile

• Assist the GRC team with third-party security assessments

• Work closely with team members to ensure that the security needs of stakeholders and Ansys customers are met

• Maintain awareness on current threats and vulnerabilities

• Track and manage remediation efforts around ticketed vulnerabilities and configurations, including SLA-governed patching and remediation of vulnerabilities found during penetration testing and other exercises.

• Work closely with the Cybersecurity Architecture and Operations teams to ensure coverage of responsibilities

Minimum Qualifications

• Experience in:

  • Vulnerability management, including managing risks against SLAs, compensating controls, and managing customer requests for vulnerability remediation information

  • Network and information systems design, and

  • Basic application security practices

  • Basic cloud architecture and security

• Knowledge of cybersecurity frameworks such as NIST and ISO 27001

• Knowledge of vulnerability risk and severity rating standards and tools (CVSS, NVD, VulDB, etc.)

• Experience with application vulnerability management tools (MS Defender, Wiz.io, Tenable, etc.)

• Associate degree or higher

• 3+ years of experience

Preferred Qualifcations

• Relevant SANS (GIAC), CompTIA, or ISC^2 Certifications, such as:

  • GIAC Enterprise Vulnerability Assessor (EVA)

  • CompTIA Cybersecurity Analyst (CySA+)

  • CompTIA Security+

  • GIAC Certified Detection Analyst (GCDA)

  • ISC2 System Security Certified Practitioner (SSCP)

CULTURE AND VALUES
Culture and values are incredibly important to Ansys. They inform us of who we are, of how we act. Values aren't posters hanging on a wall or about trite or glib slogans. They aren't about rules and regulations. They can't just be handed down the organization. They are shared beliefs – guideposts that we all follow when we're facing a challenge or a decision. Our values tell us how we live our lives; how we approach our jobs. Our values are crucial for fostering a culture of winning for our company:

• Customer focus
• Results and Accountability
• Innovation
• Transparency and Integrity
• Mastery
• Inclusiveness
• Sense of urgency
• Collaboration and Teamwork

 WORKING AT ANSYS
At Ansys, you will find yourself among the sharpest minds and most visionary of leaders, collectively aiming to change the world with innovative technology and remarkable solutions.  With the prestigious reputation in servicing well-known, world-class companies, standards at Ansys are high, met by those willing to rise to the occasion and meet those challenges head-on.  Because at Ansys, it’s about the learning, the discovery and the collaboration.  It’s about the “what’s next” as much as the “mission accomplished”.  It’s about the melding of disciplined intellect with strategic direction and results that have, can and will impact real people in real ways, forged within a working environment built on respect, autonomy and ethics.
 
At Ansys, you will find yourself among those eager to drive the world towards the next best thing with hands planted firmly on the wheel.
Our team is passionate about pushing the limits of world-class simulation technology so our customers can turn their design concepts into successful, innovative products faster and at lower cost.  As a measure of our success in attaining these goals, Ansys has been recognized as one of the world's most innovative companies by prestigious publications such as Bloomberg Businessweek and FORTUNE magazines.
 
Ansys is an S&P 500 company and a component of the NASDAQ-100.
 
For more information, please visit us at www.ansys.com
 
Ansys is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, veteran status, and other protected characteristics.
 
Ansys does not accept unsolicited referrals for vacancies, and any unsolicited referral will become the property of Ansys.  Upon hire, no fee will be owed to the agency, person, or entity.