SantaClaraRecruiter Since 2001
the smart solution for Santa Clara jobs

Cyber Security Technical Risk Manager

Company: Marvell Semiconductor, Inc.
Location: Santa Clara
Posted on: June 4, 2024

Job Description:

About Marvell Marvell's semiconductor solutions are the essential building blocks of the data infrastructure that connects our world. Across enterprise, cloud and AI, automotive, and carrier architectures, our innovative technology is enabling new possibilities.At Marvell, you can affect the arc of individual lives, lift the trajectory of entire industries, and fuel the transformative potential of tomorrow. For those looking to make their mark on purposeful and enduring innovation, above and beyond fleeting trends, Marvell is a place to thrive, learn, and lead.Your Team, Your ImpactThe Technical Risk Manager will be responsible for leading and managing cyber security risk. You will drive the overall risk management program including assessment, monitoring, and remediation plan for effective risk reduction. This role will be driving the enforcement of security standards, information protection controls, application security, and third-party risk management. You will be interacting with leadership, cross-functional teams, and business information security officers for an effective risk management strategy.

The ideal candidate will be a strong leader and have a proven background in all aspects of cyber security risk management, with a focus on driving results and mitigating cyber security risks. Candidate must have 14+ years of proven track record of building high-performing teams and driving results in complex environments.What You Can Expect

  • Strong track record in driving complex technical security programs across large organizations.
  • Strong knowledge in infrastructure security risk-related activities and processes: Identification of critical assets, Analysis of threats & vulnerabilities, Assessment of IT infrastructure risks, and providing recommendations to mitigate the identified risks and application of appropriate countermeasures
  • Monitor threat landscape - external facing footprint to perform security posture analysis
  • Experience in determining vulnerability risk impact on key objectives and critical processes; ability to link risk management programs and initiatives to inform critical business strategies and processes.
  • Conduct risk assessments and reviews for the security of designs considering Marvell's security standards aligned to industry standards such as ISO 27002 and NIST 800-53, compile risk register and track risk remediation plans
  • Work on design, implementation, and verification of application security program, including validation of minimum security requirements for the web applications
  • Managed third-party risk management programs at large enterprises.
  • Monitor risk controls in the domains such as access controls, cloud, backup, recovery, network security, etc.
  • Assess adequate access controls based on principles of least privilege and need-to-know, configuration baseline
  • Assist in defining and implementing security programs, policies, procedures, and best practices to proactively address security concerns
  • Participate in cyber incident responses to provide guidance related to cyber security risks and control assurance
  • Assist in the development and delivery of training programs to enhance the awareness and understanding of technical risks among employees
  • Experience in creating internal security dashboards and presenting it to the stakeholders
  • Measuring ongoing metrics and improvements along with providing actionable intelligence to the extended IT teams
  • Ability to analyze and apply information security risk management practices.
  • Experience assessing project and technical documentation to ensure compliance with established policies, processes, and procedures
  • Partner with Subject Matter Expert (SME) in key third-party risk domains & key functional areas to complete the due diligence as per the defined SLA
  • Supporting the GRC team to conduct & manage internal cyber security audits
  • Good Network and Security knowledge (Routing & Switching, Firewalls, proxy, VPN, IDS/IPS, and other security products) and understanding of OSI layers in networking and standard/non-standard protocols and service ports
  • Sound understanding of Web application technologies, networks, operating systems (Windows, Unix, Linux), firewalls, and security engineering conceptsWhat We're Looking For
    • Bachelor's or Master's degree in Information Technology or related field
    • Minimum 14 years of progressive experience in cyber security plus managerial-related role
    • Minimum 5-8 years experience in Vulnerability assessment, Configuration Audit, Web, third-party risk management, and Mobile application security in an enterprise environment
    • Hands-on experience in conducting security reviews for critical network security controls such as firewalls, WAF, IPS, etc.
    • Have a working knowledge of the NIST CSF and RMF frameworks
    • Experience with Commercial and open-source IT Security tools like Tenable, Qualys, NMAP, Nessus, Acunetix, BurpSuite, Kali Distro, etc.
    • Experience in VAPT, Secure configuration, and hardening based on CIS, OWASP, SANS, and CVE guidelines.
    • Experience in working with global teams and time zones, tool vendors, and strong analytical and communication skills.
    • Knowledge of information technology (IT) security principles and methods (e.g., firewalls, demilitarized zones, encryption)
    • Knowledge of network access, identity, and access management (e.g., public key infrastructure, OAuth, OpenID, SAML, SPML)
    • Skill in recognizing vulnerabilities in security systems. (e.g., vulnerability and compliance scanning)
    • CISSP, CRISC, CEH, OSCP, SANS GIAC GPEN, certification preferred#LI-JS22Expected Base Pay Range (USD)123,300 - 182,480, $ per annumThe successful candidate's starting base pay will be determined based on job-related skills, experience, qualifications, work location and market conditions. The expected base pay range for this role may be modified based on market conditions.Additional Compensation and Benefit ElementsAt Marvell, we offer a total compensation package with a base, bonus and equity.Health and financial wellbeing are part of the package. That means flexible time off, 401k, plus a year-end shutdown, floating holidays, paid time off to volunteer. Have a question about our benefits packages - health or financial? Ask your recruiter during the interview process.This role is eligible for our hybrid work model in which you will be able to split time between working from home and on-site in a Marvell office.All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability or protected veteran status.Any applicant who requires a reasonable accommodation during the selection process should contact Marvell HR Helpdesk at TAOps@marvell.com.

Keywords: Marvell Semiconductor, Inc., Santa Clara , Cyber Security Technical Risk Manager, IT / Software / Systems , Santa Clara, California

Click here to apply!

Didn't find what you're looking for? Search again!

I'm looking for
in category
within


Log In or Create An Account

Get the latest California jobs by following @recnetCA on Twitter!

Santa Clara RSS job feeds