Cyber Threat Hunting and Intelligence Analyst

About Marvell

Marvell’s semiconductor solutions are the essential building blocks of the data infrastructure that connects our world. Across enterprise, cloud and AI, automotive, and carrier architectures, our innovative technology is enabling new possibilities. 

At Marvell, you can affect the arc of individual lives, lift the trajectory of entire industries, and fuel the transformative potential of tomorrow. For those looking to make their mark on purposeful and enduring innovation, above and beyond fleeting trends, Marvell is a place to thrive, learn, and lead. 

Your Team, Your Impact

Joining Marvell as Cyber Threat Hunting and Intelligence Analyst, you will be a senior-level expert at identifying and responding to cyber threats against Marvell. The SOC is the central nervous system for the cybersecurity organization, a 24x7 service responsible for detection, assessing, and responding to security threats globally. In this role you will enable the SOC to excel. You will have a high degree of freedom to hunt for and investigate sophisticated threats, and to develop detection logic, response playbooks, and automation to accelerate Marvell's ability to respond to emerging threats.

What You Can Expect

• Keep a finger on the pulse of threat and actor trends; advise IT and business stakeholders when immediate action is justified; and adjust detection engineering priorities based on the current threat landscape.
• Identify and digest threat data from various open and closed sources, correlating it against environmental context and ATT&CK matrix to produce threat intelligence. Validate for actionable items, and communicate validated threats to SOC for appropriate action.
• Threat hunting and forensic analysis. You will devise hunt hypotheses, creatively find new and unusual threats, and will confirm the reach of threats identified by the front line.
• You will test existing detection logic for gaps and faulty assumptions, creatively identifying ways adversaries might evade detection, and then come up with solutions.
• Provide expert threat analysis support to CSIRT and Global SOC. Research actors and tactics, identify ways for SOC to detect and CSIRT to contain a threat in real-time. Research anomalies detected by SOC to assess whether threat or benign.
• Produce threat reports tailored to Marvell business and distributed to the relevant stakeholders throughout the company; in varying forms from real-time immediate action to in-depth periodic assessments of trends and future expectations.
• When required, provide real-time and expert threat investigation support to the global Cyber Security Incident Response Team.
• Collaborate with the SIEM and SOAR engineering teams as well as SOC to turn hunting hypotheses into production detection cases and response playbooks.

What We're Looking For

• 8+ years' experience in one or more security-relevant domains including 5+ years as a SOC Analyst, or a Network Analyst with security scope; preferably for a >5000 person enterprise.
• Experience in working with a geographically diverse team in multiple time zones around the globe
• Strong communication skills and an ability to adapt a message to audiences ranging from technology SMEs to company executives to stakeholders in every business discipline.
• Deep understanding of MITRE ATT&CK, with demonstrated experience building detection cases and playbooks around the tactics and techniques most relevant to your business.
• Demonstrated experience devising, executing, and interpreting the results of threat hunting hypotheses from open and closed-source intelligence as well as personal knowledge and curiosity.
• Proficient technical writing skills (documenting processes and procedures);
• Ability to solve problems and work through ambiguity and uncertainty;
• Proficiency in common scripting languages such as PowerShell, Bash, Python, etc.
• Proficiency with one or more SIEM query language
• Experience working extensively with technologies such as IDS/IPS, NGFW, EDR, SIEM, HIDS/HIPS, AV, and Vulnerability Scanners.
• Expert level and continually expanding understanding of common and emerging security threats and vulnerabilities
• Self-motivated and proven ability to deliver end-to-end solutions in a high-tech and fast moving industry.
• Industry security certifications such as CISSP and relevant GIAC certifications or equivalent highly desirable.
• Understanding of NIST Cyber Security Framework standard and requirements and ability to apply them to an enterprise environment.
• Experience with infrastructure operations and processes associated with IT service management in an Enterprise-level organization.

Additional Compensation and Benefit Elements

With competitive compensation and great benefits, you will enjoy our workstyle within an environment of shared collaboration, transparency, and inclusivity. We’re dedicated to giving our people the tools and resources they need to succeed in doing work that matters, and to grow and develop with us. For additional information on what it’s like to work at Marvell, visit our Careers page.

All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability or protected veteran status.

#LI-RS1