Detection Engineering & Threat Hunting Lead
Company: Marvell Semiconductor, Inc.
Location: Washington
Posted on: October 20, 2024
Job Description:
About Marvell Marvell's semiconductor solutions are the
essential building blocks of the data infrastructure that connects
our world. Across enterprise, cloud and AI, automotive, and carrier
architectures, our innovative technology is enabling new
possibilities.At Marvell, you can affect the arc of individual
lives, lift the trajectory of entire industries, and fuel the
transformative potential of tomorrow. For those looking to make
their mark on purposeful and enduring innovation, above and beyond
fleeting trends, Marvell is a place to thrive, learn, and lead.Your
Team, Your ImpactJoining Marvell as Detection Engineering and
Threat Hunt Lead, you will be a senior-level expert at identifying
and responding to cyber threats against Marvell. The SOC is the
central nervous system for the cybersecurity organization, a 24x7
service responsible for detection, assessing, and responding to
security threats globally. In this role you will enable the SOC to
excel. You will have a high degree of freedom to hunt for and
investigate sophisticated threats, and to develop detection logic,
response playbooks, and automation to accelerate Marvell's ability
to respond to emerging threats.What You Can Expect
- Keep a finger on the pulse of threat and actor trends; advise
IT and business stakeholders when immediate action is justified;
and adjust detection engineering priorities based on the current
threat landscape.
- Identify and digest threat data from various open and closed
sources, correlating it against environmental context and
ATT&CK matrix to produce threat intelligence. Validate for
actionable items, and communicate validated threats to SOC for
appropriate action.
- Threat hunting and forensic analysis. You will devise hunt
hypotheses, creatively find new and unusual threats, and will
confirm the reach of threats identified by the front line.
- You will test existing detection logic for gaps and faulty
assumptions, creatively identifying ways adversaries might evade
detection, and then come up with solutions.
- Provide expert threat analysis support to CSIRT and Global SOC.
Research actors and tactics, identify ways for SOC to detect and
CSIRT to contain a threat in real-time. Research anomalies detected
by SOC to assess whether threat or benign.
- Produce threat reports tailored to Marvell business and
distributed to the relevant stakeholders throughout the company; in
varying forms from real-time immediate action to in-depth periodic
assessments of trends and future expectations.
- When required, provide real-time and expert threat
investigation support to the global Cyber Security Incident
Response Team.
- Collaborate with the SIEM and SOAR engineering teams as well as
SOC to turn hunting hypotheses into production detection cases and
response playbooks.What We're Looking For
- 8+ years' experience in one or more security-relevant domains
including 5+ years as a SOC Analyst, or a Network Analyst with
security scope; preferably for a > 5000 person enterprise.
- Experience in working with a geographically diverse team in
multiple time zones around the globe
- Strong communication skills and an ability to adapt a message
to audiences ranging from technology SMEs to company executives to
stakeholders in every business discipline.
- Deep understanding of MITRE ATT&CK, with demonstrated
experience building detection cases and playbooks around the
tactics and techniques most relevant to your business.
- Proficient technical writing skills (documenting processes and
procedures);
- Ability to solve problems and work through ambiguity and
uncertainty;
- Proficiency in common scripting languages such as PowerShell,
Bash, Python, etc.
- Proficiency with one or more SIEM query language
- Experience working extensively with technologies such as
IDS/IPS, NGFW, EDR, SIEM, HIDS/HIPS, AV, and Vulnerability
Scanners.
- Expert level and continually expanding understanding of common
and emerging security threats and vulnerabilities
- Self-motivated and proven ability to deliver end-to-end
solutions in a high-tech and fast moving industry.
- Industry security certifications such as CISSP and relevant
GIAC certifications or equivalent highly desirable.
- Understanding of NIST Cyber Security Framework standard and
requirements and ability to apply them to an enterprise
environment.
- Experience with infrastructure operations and processes
associated with IT service management in an Enterprise-level
organization.#LI-JS22Expected Base Pay Range (USD)113,800 -
168,390, $ per annumThe successful candidate's starting base pay
will be determined based on job-related skills, experience,
qualifications, work location and market conditions. The expected
base pay range for this role may be modified based on market
conditions.Additional Compensation and Benefit ElementsAt Marvell,
we offer a total compensation package with a base, bonus and
equity.Health and financial wellbeing are part of the package. That
means flexible time off, 401k, plus a year-end shutdown, floating
holidays, paid time off to volunteer. Have a question about our
benefits packages - health or financial? Ask your recruiter during
the interview process.This role is eligible for our hybrid work
model in which you will be able to split time between working from
home and on-site in a Marvell office.All qualified applicants will
receive consideration for employment without regard to race, color,
religion, sex, national origin, sexual orientation, gender
identity, disability or protected veteran status.Any applicant who
requires a reasonable accommodation during the selection process
should contact Marvell HR Helpdesk at TAOps@marvell.com.
Keywords: Marvell Semiconductor, Inc., Potomac , Detection Engineering & Threat Hunting Lead, Engineering , Washington, Maryland
Didn't find what you're looking for? Search again!
Loading more jobs...