Autodesk Security Technical GRC Specialist in San Francisco, California
Job Requisition ID #
Autodesk is seeking a Security Technical GRC Specialist who will drive implementation of GRC platform MetricStream within Autodesk. GRC solution provided by MetricStream involves 3 products – Policy and Document Management, IT Risk and IT Compliance. The lead in this role will drive the implementation in highly regulated environment of FedRAMP, ensuring appropriate security controls and drive functional business requirements to showcase benefits to the overall security organization.
Our team of security experts helps Autodesk design, build, deploy, and maintain secure products. We are embedding security in the full spectrum of how we build our products, from inception, design, development, and testing to how we are running them in the cloud, as well as how we are responding to any existing or emerging threats to our products or the building blocks of our products and services. Our job is to be one step ahead of our adversaries, and we use expertise, technology, and other resources to thwart their efforts to compromise our products and the environments in which they operate. Our team keeps a single-minded focus on protecting our customer's data and their investment in our products by strengthening our applications, underlying services, and network.
Work with different stakeholders within security organization to strategize, design, and implement functional GRC use cases based on business requirements
Serve as owner of Security GRC platform on-prem architecture and its design
Ensure GRC platform and its architectural components are compliant with FedRAMP and other internal security guidelines
Implement process of troubleshooting, debugging and upgrading software
Lead and own all technical aspects of project and solution delivery
Drive continuous improvements of overall GRC program and methodology
Master’s degree (M.S) in Computer Science, or bachelor’s degree (B.A.) and equivalent work experience, education requirements can be relaxed for the right candidate
5+ years of experience in cybersecurity compliance and risk
2+ years of hands-on experience with MetricStream M7 software and its tech stack
2+ years experience as a full stack security engineer
Proficiency in Linux OS
Competency in RDBMS and NoSQL database technologies (e.g. Oracle, MongoDB)
Prior experience in a compliance and regulatory environment related to security and privacy including security compliance standards across industries and geographies such as FedRAMP, ISO 27001, SOC, PCI, SOX is desired
Prior experience in implementing application and infrastructure security controls
Excellent analytical skills, organizational skills, ingenuity, and the ability to work as part of a team
Excellent communication skills and ability to deal with conflict and lead negotiations
Advanced interpersonal skills to effectively promote ideas and collaboration at the various levels of the organization
Experience in securing Cloud Environments – AWS EC2
Experience securing Databases such as Oracle, Mongo DBs
Experience with SDLC process is a plus
Industry certification(s) CISSP, CISA
At Autodesk, we're building a diverse workplace and an inclusive culture to give more people the chance to imagine, design, and make a better world. Autodesk is proud to be an equal opportunity employer and considers all qualified applicants for employment without regard to race, color, religion, age, sex, sexual orientation, gender, gender identity, national origin, disability, veteran status or any other legally protected characteristic. We also consider for employment all qualified applicants regardless of criminal histories, consistent with applicable law.
Are you an existing contractor or consultant with Autodesk? Please search for open jobs and apply internally (not on this external site). If you have any questions or require support, contact Autodesk Careers (Careers%20%3Ccareers@autodesk.com%3E) .
*From the greenest buildings to the cleanest cars, from the smartest factories to the biggest stories, amazing things are created every day with Autodesk. Over four decades we’ve worked together with our customers to transform how things are made, and in doing so, we’ve also transformed what can be made. A car’s performance now inspires the method of its manufacture, a city’s infrastructure helps predict the unpredictable, and the creation of ever-bigger universes shapes ever-bigger stories. *
Today our solutions span countless industries empowering innovators everywhere. But we’re restless to do more. We don’t believe in waiting for progress, we believe in making it. By combining and recombining technologies. By blurring boundaries, reinventing rules, and merging fields. By unleashing talent and unlocking insights across industries. By helping our customers converge on solutions to the challenges we all face today. At Autodesk, we believe that when you have the right tools to work and think flexibly you have the power to transform what actually needs making. The power to design and make a better world for all.
- Autodesk Jobs