Cybersecurity Risk and Compliance Analyst

23 Minutes ago • 5 Years + • $100,840 PA - $151,000 PA

Job Summary

Job Description

The Security Risk and Compliance Analyst will support penetration tests and red teaming exercises, track remediation actions, and manage the Information Security Management System (ISMS) in accordance with ISO 27001. This role involves coordinating tests, analyzing findings, ensuring timely closure of remediation efforts, and maintaining a consolidated controls catalogue. The analyst will also develop and implement a comprehensive cybersecurity awareness program, identify and address design and operational gaps in controls, and engage with risk management to adjust risk calculations. This position is crucial for maintaining a robust cybersecurity posture and ensuring compliance with regulatory requirements.
Must have:
  • Coordinate and support penetration testing and red teaming exercises.
  • Track and follow up on remediation actions from security assessments.
  • Manage and maintain the Information Security Management System (ISMS) and security policy documents.
  • Update and maintain a consolidated controls catalogue across cybersecurity frameworks.
  • Ensure appropriate evidence retention for controls requiring periodic assessments.
  • Work cross-functionally to ensure cybersecurity controls are effectively designed and scoped.
  • Identify design and operational gaps and drive implementation and remediation.
  • Develop and implement a comprehensive cybersecurity awareness program.
  • Bachelor’s degree in Cybersecurity, Information Technology, or a related field.
  • 5+ years of experience in cybersecurity, IT, pen testing, red teaming, and/or risk management.
  • Relevant certifications (e.g., CISSP, CISM, CRISC, CISA).
  • Strong understanding of cybersecurity frameworks and standards.
  • Excellent leadership, communication, and project management skills.
Good to have:
  • Experience with cloud security and mobile security technologies.
  • Familiarity with automated risk management solutions.
  • Strong analytical and problem-solving abilities.
Perks:
  • Total compensation package with base, bonus, and equity.
  • Health and financial wellbeing benefits.
  • Flexible time off.
  • 401k.
  • Year-end shutdown.
  • Floating holidays.
  • Paid time off to volunteer.

Job Details

About Marvell

Marvell’s semiconductor solutions are the essential building blocks of the data infrastructure that connects our world. Across enterprise, cloud and AI, automotive, and carrier architectures, our innovative technology is enabling new possibilities.

At Marvell, you can affect the arc of individual lives, lift the trajectory of entire industries, and fuel the transformative potential of tomorrow. For those looking to make their mark on purposeful and enduring innovation, above and beyond fleeting trends, Marvell is a place to thrive, learn, and lead.

Your Team, Your Impact

The Security Risk and Compliance Analyst will play a crucial role in supporting penetration tests and red teaming exercises, following up on remediation actions, and managing our Information Security Management System (ISMS). This position is essential for maintaining a robust cybersecurity posture and ensuring compliance with regulatory requirements.

What You Can Expect

Pen Tests and Red Teaming Support:

  • Coordinate and support penetration testing and red teaming exercises.
  • Collaborate with internal and external teams to scope, plan, and execute tests.
  • Analyze findings from tests and work with relevant teams to prioritize and track remediation of findings.

Remediation Actions Follow-Up:

  • Track and follow up on remediation actions resulting from pen tests, red teaming exercises, and other security assessments.
  • Ensure timely closure of findings and document remediation efforts.
  • Provide regular updates to management on the status of remediation activities, with timely escalations on any potential delays.

ISMS Management:

  • Manage and maintain the Information Security Management System (ISMS), security policy and process documents, in accordance with ISO 27001 and other relevant standards and requirements.
  • Conduct regular reviews and updates of ISMS policies, procedures, and controls.

Controls Catalogue Management:

  • Update and maintain a consolidated controls catalogue across applicable cybersecurity frameworks.
  • Ensure the controls catalogue is current and reflects the latest regulatory and risk landscape, working with control owners to drive changes.
  • Collaborate with key stakeholders to ensure appropriate evidence retention for controls requiring periodic assessments.
  • Engage with the compliance team and control owners to optimize testing procedures used by the compliance team to evaluate the design and operational effectiveness of controls.

Regulatory and Risk Management:

  • Work cross-functionally to ensure cybersecurity controls are effectively designed and scoped.
  • Identify design and operational gaps and work with management to drive implementation and remediation efforts.
  • Drive process/compliance owners to update documentation, including policies, processes, and narratives as needed.
  • Engage with the risk management team to drive adjustments of inherent and residual risk calculations based on changes in internal and external environments.

Cybersecurity Awareness Program:

  • Develop and implement a comprehensive cybersecurity awareness program (including awareness training, phishing simulation exercises, corporate events, signage, etc.).
  • Promote a culture of security awareness across the organization.

What We're Looking For

Qualifications:

  • Bachelor’s degree in Cybersecurity, Information Technology, or a related field.
  • 5+ years of experience in cybersecurity and IT, pen testing, red teaming, and/or risk management.
  • Relevant certifications (e.g., CISSP, CISM, CRISC, CISA).
  • Strong understanding of cybersecurity frameworks and standards.
  • Excellent leadership, communication, and project management skills.

Preferred Skills:

  • Experience with cloud security and mobile security technologies.
  • Familiarity with automated risk management solutions.
  • Strong analytical and problem-solving abilities.

This role is pivotal in ensuring our organization's cybersecurity resilience and. If you are passionate about governance and cybersecurity, we encourage you to apply.

Expected Base Pay Range (USD)

100,840 - 151,000, $ per annum

The successful candidate’s starting base pay will be determined based on job-related skills, experience, qualifications, work location and market conditions. The expected base pay range for this role may be modified based on market conditions.

Additional Compensation and Benefit Elements

At Marvell, we offer a total compensation package with a base, bonus and equity.Health and financial wellbeing are part of the package. That means flexible time off, 401k, plus a year-end shutdown, floating holidays, paid time off to volunteer. Have a question about our benefits packages - health or financial? Ask your recruiter during the interview process.

All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability or protected veteran status.

Any applicant who requires a reasonable accommodation during the selection process should contact Marvell HR Helpdesk at TAOps@marvell.com.

#LI-TT1

Similar Jobs

Looks like we're out of matches

Set up an alert and we'll send you similar jobs the moment they appear!

Similar Skill Jobs

Looks like we're out of matches

Set up an alert and we'll send you similar jobs the moment they appear!

Jobs in Santa Clara, California, United States

Looks like we're out of matches

Set up an alert and we'll send you similar jobs the moment they appear!

Similar Category Jobs

Looks like we're out of matches

Set up an alert and we'll send you similar jobs the moment they appear!

About The Company

Marvell’s semiconductor solutions are the essential building blocks of the data infrastructure that connects our world. Across enterprise, cloud and AI, automotive, and carrier architectures, our innovative technology is enabling new possibilities. At Marvell, you can affect the arc of individual lives, lift the trajectory of entire industries, and fuel the transformative potential of tomorrow. For those looking to make their mark on purposeful and enduring innovation, above and beyond fleeting trends, Marvell is a place to thrive, learn, and lead.

Santa Clara, California, United States (On-Site)

Irvine, California, United States (On-Site)

Shenzhen, Guangdong Province, China (On-Site)

Santa Clara, California, United States (On-Site)

Pune, Maharashtra, India (On-Site)

Santa Clara, California, United States (On-Site)

Ho Chi Minh City, Ho Chi Minh City, Vietnam (On-Site)

Santa Clara, California, United States (On-Site)

View All Jobs

Get notified when new jobs are added by Marvell

Level Up Your Career in Game Development!

Transform Your Passion into Profession with Our Comprehensive Courses for Aspiring Game Developers.

Job Common Plug