About Marvell

Marvell’s semiconductor solutions are the essential building blocks of the data infrastructure that connects our world. Across enterprise, cloud and AI, automotive, and carrier architectures, our innovative technology is enabling new possibilities.

At Marvell, you can affect the arc of individual lives, lift the trajectory of entire industries, and fuel the transformative potential of tomorrow. For those looking to make their mark on purposeful and enduring innovation, above and beyond fleeting trends, Marvell is a place to thrive, learn, and lead.

Your Team, Your Impact

Technical Risk Professional will be responsible for leading risk and control assessments for infrastructure and applications. cyber security domains be responsible for leading and managing cyber security risk. The role will involve risk management activities such as assessment, monitoring, and remediation of risks.

The ideal candidate must have 10+ years of technical risk management experience and a proven track record carrying out comprehensive assessments of technical risks associated with the organization's systems, infrastructure, and technology projects.

What You Can Expect

• Lead risk and control assessments for core cyber security domains, including vulnerability management, threat management, identity, and access management
• Conduct comprehensive assessments of potential technical risks associated with the organization's systems, infrastructure, and technology projects.
• Develop and implement risk mitigation strategies and action plans to address identified technical risks.
• Experience in determining vulnerability risk impact on key objectives and critical processes; ability to link risk management programs and initiatives to inform critical business strategies and processes.
• Provide technical expertise to assist the development and maintenance of cyber security standards in line with industry best practices, as well as technical expertise around security threats & vulnerabilities.
• Participate in cyber incident responses to provide guidance related to cyber security risks and control assurance
• Monitor threat landscape – external facing footprint to perform security posture analysis.
• Work closely with technical teams to assess the security posture of systems and applications through vulnerability assessments and penetration testing.
• Collaborate with IT teams to prioritize and implement security measures, controls, and safeguards to mitigate potential threats.
• Develop and implement strategies to protect the company’s cyber security. Including firewalls, security software, data encryption tools, safety protocols, etc.
• Experience in creating internal security dashboards and presenting it to the stakeholders
• Provide regular reports on the status of technical risks, mitigation efforts, and key performance indicators to demonstrate the effectiveness of risk management strategies.
• Work on design, implementation, and verification of application security program, including validation of minimum security requirements for the web applications
• Assess adequate access controls based on principles of least privilege and need-to-know, Configuration baseline
• Good Network and Security knowledge (Routing & Switching, Firewalls, proxy, VPN, IDS/IPS, and other security products) and understanding of OSI layers in networking and standard/non-standard protocols and service ports
• Sound understanding of Web application technologies, API security standards, and operating systems (Windows, Unix, Linux)

#LI-MN1

What We're Looking For

• Bachelor's or Master's degree in Computer Science, Information Security, Risk Management, System Resiliency & Availability & Software development practices and frameworks, Products and operations, Access and identity management, application security, assurance programs, or a related field.
• Minimum 10 years of progressive experience in cyber security plus managerial-related role
• Minimum 4-6 years of experience in Vulnerability assessment, Configuration Audit, and Web/application security in an enterprise environment
• Hands-on experience in conducting security reviews for critical network security controls such as firewalls, WAF, IPS, etc.
• Have a working knowledge of the NIST CSF, CSA CCM and RMF frameworks
• Experience with Commercial and open-source IT Security tools like Tenable, Qualys, NMAP, Nessus, Acunetix, BurpSuite, Kali Distro, etc.
• Experience in working with global teams and time zones, tool vendors, and strong analytical and communication skills.
• Knowledge of network access, identity, and access management (e.g., public key infrastructure, OAuth, OpenID, SAML, SPML)
• Hands-on product experience on Qualys Enterprise Platform, Tenable, Risk intelligence platforms such as Upguard, Security Scorecard, etc.
• CISSP, Certificate of Cloud Security Knowledge (CCSK), CEH, OSCP, SANS GIAC GPEN, certification preferred

#LI-MN1

Additional Compensation and Benefit Elements

With competitive compensation and great benefits, you will enjoy our workstyle within an environment of shared collaboration, transparency, and inclusivity. We’re dedicated to giving our people the tools and resources they need to succeed in doing work that matters, and to grow and develop with us. For additional information on what it’s like to work at Marvell, visit our Careers page.

All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability or protected veteran status.