Associate Information/Cyber Security Compliance Analyst

Our world is transforming, and PTC is leading the way. Our software brings the physical and digital worlds together, enabling companies to improve operations, create better products, and empower people in all aspects of their business. 

Our people make all the difference in our success. Today, we are a global team of nearly 7,000 and our main objective is to create opportunities for our team members to explore, learn, and grow – all while seeing their ideas come to life and celebrating the differences that make us who we are and the work we do possible.  

Employee Day-to-Day:

o   Support the development of best practice policies and standards based on various governance frameworks, and customer requirements.

o   Ensure that all policies and standards are regularly reviewed and updated to be in line with regulatory and control requirements.

o   Support the IT Security Exception program, by responding to requests for non-compliance with policies and standards. Support the development of solutions to address risk factors and events in a cost-effective manner and in line with business objectives.

o   Address risk issues and action plans from all sources, e.g., Facilitate External audit, Conduct Internal Audit, technology risk assessments, etc. working with the Office of Cyber Security Risk. Support the development of solutions to mitigate weaknesses in internal controls and risks. Assign control owners to establish accountability.

o   Support the Information Security Management System (ISMS) by helping the organization to demonstrate compliance with various framework controls like: NIST, CMMC, TISAX, ISO27001 and improving the existing ISMS.

o   Support the GRC software platform for policy administration, compliance and risk management, and responsibility attestation

o   Support on developing, maintaining, and enhancing the Disaster Recovery Program (plans, standards, roles, responsibilities, templates, tools, and reporting).

o   Support and execute on User Access reviews and EOL OS Reviews

o   Support third party security assessments by making recommendations and performing periodic reviews.

o   Serving as a liaison between IT Compliance and other IT groups, and the Business through effective communication, both verbally and in writing.

Your skills and knowledge:

o   Experience in a related role/area

o   Ability to work independently and with others.

o   A go getter that can track, prioritize and ensure projects are completed timely.

o   Know when to raise request for additional support, guidance, and resources.

o   Bringing a solution and executing on the solution to resolve a problem

o   Maintain an up-to-date understanding of emerging trends in information security risks, and new techniques and trends, in-line with overall information security objectives and risk tolerance.

Ideal technical/experience skills: 

• Understanding/Certification of ISO27001/NIST, CMMC, TISAX
• Basic understanding of IT systems & networks
• Best practices around confidentiality, integrity, and availability
• Basic understanding around security policies and standards
• Basic understanding of Asset Management, Information Security Risk Management, Assessments, Incident Management, Human Resources Security, Physical Security and Business Continuity, Identity & Access Management, Encryption, Operations Security (incl. Change Management), Supplier Relationships, Compliance, Data Protection

Life at PTC is about more than working with today’s most cutting-edge technologies to transform the physical world. It’s about showing up as you are and working alongside some of today’s most talented industry leaders to transform the world around you. 

If you share our passion for problem-solving through innovation, you’ll likely become just as passionate about the PTC experience as we are. Are you ready to explore your next career move with us?

We respect the privacy rights of individuals and are committed to handling Personal Information responsibly and in accordance with all applicable privacy and data protection laws. Review our Privacy Policy here."