Cybersecurity Risk and Compliance Analyst
Cybersecurity Risk and Compliance Analyst
Employer Active
Job Alert
You will be updated with latest job alerts via email
Share
Job Alert
You will be updated with latest job alerts via email
Job Description
About Marvell
Marvells semiconductor solutions are the essential building blocks of the data infrastructure that connects our world. Across enterprise cloud and AI automotive and carrier architectures our innovative technology is enabling new possibilities.
At Marvell you can affect the arc of individual lives lift the trajectory of entire industries and fuel the transformative potential of tomorrow. For those looking to make their mark on purposeful and enduring innovation above and beyond fleeting trends Marvell is a place to thrive learn and lead.
Your Team Your Impact
The Security Risk and Compliance Analyst will play a crucial role in supporting penetration tests and red teaming exercises following up on remediation actions and managing our Information Security Management System (ISMS). This position is essential for maintaining a robust cybersecurity posture and ensuring compliance with regulatory requirements.What You Can Expect
Pen Tests and Red Teaming Support:
- Coordinate and support penetration testing and red teaming exercises.
- Collaborate with internal and external teams to scope plan and execute tests.
- Analyze findings from tests and work with relevant teams to prioritize and track remediation of findings.
Remediation Actions Follow-Up:
- Track and follow up on remediation actions resulting from pen tests red teaming exercises and other security assessments.
- Ensure timely closure of findings and document remediation efforts.
- Provide regular updates to management on the status of remediation activities with timely escalations on any potential delays.
ISMS Management:
- Manage and maintain the Information Security Management System (ISMS) security policy and process documents in accordance with ISO 27001 and other relevant standards and requirements.
- Conduct regular reviews and updates of ISMS policies procedures and controls.
Controls Catalogue Management:
- Update and maintain a consolidated controls catalogue across applicable cybersecurity frameworks.
- Ensure the controls catalogue is current and reflects the latest regulatory and risk landscape working with control owners to drive changes.
- Collaborate with key stakeholders to ensure appropriate evidence retention for controls requiring periodic assessments.
- Engage with the compliance team and control owners to optimize testing procedures used by the compliance team to evaluate the design and operational effectiveness of controls.
Regulatory and Risk Management:
- Work cross-functionally to ensure cybersecurity controls are effectively designed and scoped.
- Identify design and operational gaps and work with management to drive implementation and remediation efforts.
- Drive process/compliance owners to update documentation including policies processes and narratives as needed.
- Engage with the risk management team to drive adjustments of inherent and residual risk calculations based on changes in internal and external environments.
Cybersecurity Awareness Program:
- Develop and implement a comprehensive cybersecurity awareness program (including awareness training phishing simulation exercises corporate events signage etc.).
- Promote a culture of security awareness across the organization.
What Were Looking For
Qualifications:
- Bachelors degree in Cybersecurity Information Technology or a related field.
- 5 years of experience in cybersecurity and IT pen testing red teaming and/or risk management.
- Relevant certifications (e.g. CISSP CISM CRISC CISA).
- Strong understanding of cybersecurity frameworks and standards.
- Excellent leadership communication and project management skills.
Preferred Skills:
- Experience with cloud security and mobile security technologies.
- Familiarity with automated risk management solutions.
- Strong analytical and problem-solving abilities.
This role is pivotal in ensuring our organizations cybersecurity resilience and. If you are passionate about governance and cybersecurity we encourage you to apply.
Expected Base Pay Range (USD)
100840 - 151000 $ per annumThe successful candidates starting base pay will be determined based on job-related skills experience qualifications work location and market conditions. The expected base pay range for this role may be modified based on market conditions.
Additional Compensation and Benefit Elements
At Marvell we offer a total compensation package with a base bonus and and financial wellbeing are part of the package. That means flexible time off 401k plus a year-end shutdown floating holidays paid time off to volunteer. Have a question about our benefits packages - health or financial Ask your recruiter during the interview process.All qualified applicants will receive consideration for employment without regard to race color religion sex national origin sexual orientation gender identity disability or protected veteran status.
Any applicant who requires a reasonable accommodation during the selection process should contact Marvell HR Helpdesk at .
Interview Integrity
As part of our commitment to fair and authentic hiring practices we ask that candidates do not use AI tools (e.g. transcription apps real-time answer generators like ChatGPT CoPilot or note-taking bots) during interviews.
Our interviews are designed to assess your personal experience thought process and communication skills in real-time. If a candidate uses such tools during an interview they will be disqualified from the hiring process.
This position may require access to technology and/or software subject to U.S. export control laws and regulations including the Export Administration Regulations (EAR). As such applicants must be eligible to access export-controlled information as defined under applicable law. Marvell may be required to obtain export licensing approval from the U.S. Department of Commerce and/or the U.S. Department of State. Except for U.S. citizens lawful permanent residents or protected individuals as defined by 8 U.S.C. 1324b(a)(3) all applicants may be subject to an export license review process prior to employment.
#LI-JS22Required Experience:
IC
Employment Type
Full Time
