Cybersecurity Risk and Compliance Analyst
Cybersecurity Risk and Compliance Analyst
Employer Active
Job Alert
You will be updated with latest job alerts via email
Share
Job Alert
You will be updated with latest job alerts via email
Not Disclosed
Salary Not Disclosed
1 Vacancy
Job Description
About Marvell
Marvells semiconductor solutions are the essential building blocks of the data infrastructure that connects our world. Across enterprise cloud and AI automotive and carrier architectures our innovative technology is enabling new possibilities.
At Marvell you can affect the arc of individual lives lift the trajectory of entire industries and fuel the transformative potential of tomorrow. For those looking to make their mark on purposeful and enduring innovation above and beyond fleeting trends Marvell is a place to thrive learn and lead.
Your Team Your Impact
The Security Risk and Compliance Analyst will play a crucial role in supporting penetration tests and red teaming exercises following up on remediation actions and managing our Information Security Management System (ISMS) and exceptions management process. This position is essential for maintaining a robust cybersecurity posture and ensuring compliance with regulatory requirements.What You Can Expect
Pen Tests and Red Teaming Support:
- Coordinate and support penetration testing and red teaming exercises.
- Collaborate with internal and external teams to scope plan and execute tests.
- Analyze findings from tests and work with relevant teams to prioritize and track remediation of findings.
Remediation Actions FollowUp:
- Track and follow up on remediation actions resulting from pen tests red teaming exercises and other security assessments.
- Ensure timely closure of findings and document remediation efforts.
- Provide regular updates to management on the status of remediation activities with timely escalations on any potential delays.
ISMS Management:
- Manage and maintain the Information Security Management System (ISMS) security policy and process documents in accordance with ISO 27001 and other relevant standards and requirements.
- Conduct regular reviews and updates of ISMS policies procedures and controls.
Exceptions Process Management:
- Oversee the exceptions management process including the review and approval of security exceptions.
- Ensure that exceptions are documented riskassessed and approved by appropriate stakeholders. Perform timely followup and escalations.
- Monitor and track the status of exceptions and ensure they are reviewed nearing expiration to drive appropriate actions.
Controls Catalogue Management:
- Update and maintain a consolidated controls catalogue across applicable cybersecurity frameworks.
- Ensure the controls catalogue is current and reflects the latest regulatory and risk landscape working with control owners to drive changes.
- Collaborate with key stakeholders to ensure appropriate evidence retention for controls requiring periodic assessments.
- Engage with the compliance team and control owners to optimize testing procedures used by the compliance team to evaluate the design and operational effectiveness of controls.
Regulatory and Risk Management:
- Work crossfunctionally to ensure cybersecurity controls are effectively designed and scoped.
- Identify design and operational gaps and work with management to drive implementation and remediation efforts.
- Drive process/compliance owners to update documentation including policies processes and narratives as needed.
- Engage with the risk management team to drive adjustments of inherent and residual risk calculations based on changes in internal and external environments.
Cybersecurity Awareness Program:
- Develop and implement a comprehensive cybersecurity awareness program (including awareness training exercises corporate events signage etc..
- Promote a culture of security awareness across the organization.
What Were Looking For
Qualifications:
- Bachelors degree in Cybersecurity Information Technology or a related field.
- 5 years of experience in cybersecurity and IT pen testing red teaming and/or risk management.
- Relevant certifications (e.g. CISSP CISM CRISC).
- Strong understanding of cybersecurity frameworks and standards.
- Excellent leadership communication and project management skills.
Preferred Skills:
- Experience with cloud security and mobile security technologies.
- Familiarity with automated risk management solutions.
- Strong analytical and problemsolving abilities.
This role is pivotal in ensuring our organizations cybersecurity resilience and. If you are passionate about governance and cybersecurity we encourage you to apply.
Expected Base Pay Range (USD)
$ per annumThe successful candidates starting base pay will be determined based on jobrelated skills experience qualifications work location and market conditions. The expected base pay range for this role may be modified based on market conditions.
Additional Compensation and Benefit Elements
At Marvell we offer a total compensation package with a base bonus and and financial wellbeing are part of the package. That means flexible time off 401k plus a yearend shutdown floating holidays paid time off to volunteer. Have a question about our benefits packages health or financial Ask your recruiter during the interview process.All qualified applicants will receive consideration for employment without regard to race color religion sex national origin sexual orientation gender identity disability or protected veteran status.
Any applicant who requires a reasonable accommodation during the selection process should contact Marvell HR Helpdesk at .
#LIJS22Required Experience:
IC
Employment Type
Full Time
