Vulnerability Management Professional
About Marvell
Marvell’s semiconductor solutions are the essential building blocks of the data infrastructure that connects our world. Across enterprise, cloud and AI, and carrier architectures, our innovative technology is enabling new possibilities. At Marvell, you can affect the arc of individual lives, lift the trajectory of entire industries, and fuel the transformative potential of tomorrow. For those looking to make their mark on purposeful and enduring innovation, above and beyond fleeting trends, Marvell is a place to thrive, learn, and lead.
Your Team, Your Impact
We are looking for a Vulnerability Management Professional who will be instrumental in protecting the company’s digital assets. The individual shall come with proven strong technical competence and leadership capability to contribute towards the success of the enterprise-wide vulnerability management program. A Vulnerability Management Professional will be responsible for identification, assessment, prioritization, and drive mitigation of security weaknesses across an organization’s IT infrastructure, including cloud and on-premises systems.
Key Responsibilities
- Conduct regular, scheduled, and on-demand vulnerability scans of servers, networks, applications, and cloud environments.
- Manage the regular scanning of Marvell’s infrastructure and applications to detect vulnerabilities.
- Configure, maintain, and tune security tools (e.g., Qualys, Rapid7, Defender VM).
- Analyze scan results to distinguish actual threats from false positives and prioritize vulnerabilities based on severity, exploitability, and business impact.
- Perform vulnerability risk profiling and prioritization of vulnerabilities.
- Conduct regular vulnerability assessments and penetration testing to identify weaknesses and potential threats to Marvell's systems and networks.
- Work closely with system owners, IT teams, and engineers to ensure timely patching, configuration changes, or mitigation of vulnerabilities.
- Implement automation for security workflows, data aggregation, and scanning to increase efficiency.
- Research emerging threats and vulnerabilities to proactively update security controls.
- Leverage technology stack to report and manage the requirements of various metrics requested by different stakeholders.
What You Can Expect
- Scanning & Detection: Conduct regular, scheduled, and on-demand vulnerability scans of servers, networks, applications, and cloud environments. Manage the regular scanning of Marvell’s infrastructure and applications to detect vulnerabilities.
- Tool Management: Configure, maintain, and tune security tools (e.g., Qualys, Rapid7, Defender VM).
- Analysis & Risk Assessment: Analyze scan results to distinguish actual threats from false positives and prioritize vulnerabilities based on severity, exploitability, and business impact. Perform vulnerability risk profiling and prioritization of vulnerabilities. Conduct regular vulnerability assessments and penetration testing to identify weaknesses and potential threats to Marvell's systems and networks.
- Remediation Coordination: Work closely with system owners, IT teams, and engineers to ensure timely patching, configuration changes, or mitigation of vulnerabilities.
- Automation & Improvement: Implement automation for security workflows, data aggregation, and scanning to increase efficiency.
- Threat Intelligence: Research emerging threats and vulnerabilities to proactively update security controls.
- Metrics & Reporting: Prepare detailed reports on vulnerability trends, remediation metrics, and compliance status for management and compliance teams. Leverage technology stack to report and manage the requirements of various metrics requested by different stakeholders.
Qualifications
- Bachelor's degree in Computer Science, Information Security, or related field. Master's degree preferred.
- 3 years of experience in vulnerability management.
- In-depth knowledge of common security vulnerabilities, attack vectors, and mitigation techniques.
- Experience with vulnerability scanning tools such as Qualys, Nessus, or similar.
- Strong understanding of network protocols, operating systems, and software development processes.
- Industry certifications such as OSCP, CISSP, GIAC GWAPT, are highly desirable.
- Excellent communication and interpersonal skills, with the ability to effectively collaborate with technical and non-technical stakeholders.
- Strong analytical and problem-solving abilities, with a keen attention to detail.
Expected Base Pay Range
The expected base pay range for this role is $92,500 - $136,860 per annum. The expected base pay range for this role may be modified based on market conditions.
Additional Compensation and Benefit Elements
Marvell is committed to providing exceptional, comprehensive benefits that support our employees at every stage - from internship to retirement and through life’s most important moments. Our offerings are built around four key pillars: financial well-being, family support, mental and physical health, and recognition. Highlights include an employee stock purchase plan with a 2-year look back, family support programs to help balance work and home life, robust mental health resources to prioritize emotional well-being, and a recognition and service awards to celebrate contributions and milestones.
Interview Integrity
To support fair and authentic hiring practices, candidates are not permitted to use AI tools (such as transcription apps, real-time answer generators like ChatGPT or Copilot, or automated note-taking bots) during interviews. These tools must not be used to record, assist with, or enhance responses in any way. Our interviews are designed to evaluate your individual experience, thought process, and communication skills in real time. Use of AI tools without prior instruction from the interviewer will result in disqualification from the hiring process.