Vulnerability Management Professional

What You'll Do

• running vulnerability scans (e.g., Qualys, Tenable), analyzing risks, collaborating with IT teams to remediate threats, and automating security workflows.
• What You Can Expect Scanning & Detection: Conduct regular, scheduled, and on-demand vulnerability scans of servers, networks, applications, and cloud environments.
• Manage the regular scanning of Marvell’s infrastructure and applications to detect vulnerabilities.
• Tool Management: Configure, maintain, and tune security tools (e.g., Qualys, Rapid7, Defender VM).
• Analysis & Risk Assessment: Analyze scan results to distinguish actual threats from false positives and prioritize vulnerabilities based on severity, exploitability, and business impact.
• Perform vulnerability risk profiling and prioritization of vulnerabilities.
• Conduct regular vulnerability assessments and penetration testing to identify weaknesses and potential threats to Marvell's systems and networks.
• Remediation Coordination: Work closely with system owners, IT teams, and engineers to ensure timely patching, configuration changes, or mitigation of vulnerabilities.
• Automation & Improvement: Implement automation for security workflows, data aggregation, and scanning to increase efficiency.
• Threat Intelligence: Research emerging threats and vulnerabilities to proactively update security controls.
• Stay up-to-date on emerging security threats, vulnerabilities, and industry best practices to continuously improve Marvell's security posture.
• Metrics & Reporting: Prepare detailed reports on vulnerability trends, remediation metrics, and compliance status for management and compliance teams.
• Leverage technology stack to report and manage the requirements of various metrics requested by different stakeholders.
• What We're Looking For Bachelor's degree in Computer Science, Information Security, or related field.
• Master's degree preferred. 3 years of experience in vulnerability management.
• In-depth knowledge of common security vulnerabilities, attack vectors, and mitigation techniques.
• Experience with vulnerability scanning tools such as Qualys, Nessus, or similar.
• Strong understanding of network protocols, operating systems, and software development processes.
• Industry certifications such as OSCP, CISSP, GIAC GWAPT, are highly desirable.
• Excellent communication and interpersonal skills, with the ability to effectively collaborate with technical and non-technical stakeholders.
• Strong analytical and problem-solving abilities, with a keen attention to detail.
• Expected Base Pay Range (USD) 92,500 - 136,860, $ per annum The successful candidate’s starting base pay will be determined based on job-related skills, experience, qualifications, work location and market conditions.
• The expected base pay range for this role may be modified based on market conditions.
• Additional Compensation and Benefit Elements Marvell is committed to providing exceptional, comprehensive benefits that support our employees at every stage - from internship to retirement and through life’s most important moments.
• Our offerings are built around four key pillars: financial well-being, family support, mental and physical health, and recognition.
• Highlights include an employee stock purchase plan with a 2-year look back, family support programs to help balance work and home life, robust mental health resources to prioritize emotional well-being, and a recognition and service awards to celebrate contributions and milestones.
• We look forward to sharing more with you during the interview process.
• Any applicant who requires a reasonable accommodation during the selection process should contact Marvell HR Helpdesk at TAOps@marvell.com .
• Interview Integrity To support fair and authentic hiring practices, candidates are not permitted to use AI tools (such as transcription apps, real-time answer generators like ChatGPT or Copilot, or automated note-taking bots) during interviews.
• These tools must not be used to record, assist with, or enhance responses in any way.
• Our interviews are designed to evaluate your individual experience, thought process, and communication skills in real time.
• Use of AI tools without prior instruction from the interviewer will result in disqualification from the hiring process.
• This position may require access to technology and/or software subject to U.S. export control laws and regulations, including the Export Administration Regulations (EAR).
• As such, applicants must be eligible to access export-controlled information as defined under applicable law.
• Marvell may be required to obtain export licensing approval from the U.S.
• Department of Commerce and/or the U.S.
• Department of State.
• Except for U.S. citizens, lawful permanent residents, or protected individuals as defined by 8 U.S.C. 1324b(a)(3), all applicants may be subject to an export license review process prior to employment. #LI-JS22