Cybersecurity Risk Analyst

SUMMARY:

The Cybersecurity Risk Analyst will work with a broad range of teams throughout Qorvo to ensure appropriate security and risk programs for the evolving world of cybersecurity threats and compliance requirements. The emphasis of this role is managing cybersecurity Governance, Risk and Compliance (GRC). Duties include assessing internal and third-party security capabilities, advising and consulting on traditional and innovative solutions to security problems, and building security consensus between IT, business, and operations teams. These duties include, but are not limited to, building, and maintaining security control frameworks, monitoring risk remediation plans, evaluating and updating Qorvo cybersecurity policies and procedures, and providing input for the security awareness and training program. Additionally, the incumbent must be comfortable translating security and business requirements into technical designs.

This role can be based in any of the following locations: Apopka, FL; Greensboro, NC; Dallas, TX; Portland, OR. Fully remote work is also an option (dependent on Qorvo business operations in the state of residency).

RESPONSIBILITIES:

• Serve as the Qorvo subject matter expert and advisor for a range of cybersecurity regulatory compliance and contractual requirements and security control frameworks
• Coordinate and address supply chain/third-party cybersecurity risk management concerns
• Develop, evaluate and recommend cybersecurity controls for a broad range of technology and business projects and programs
• Coordinate and conduct cybersecurity test and evaluation of hardware and/or software designs to verify and validate compliance
• Employ cyber security processes, methods, techniques, and tools and assure their consistent application.
• Implement appropriate assessment and accreditation activities as required by customers third parties
• Participate in incident response and investigation activities as directed
• Maintain leading-edge knowledge on the impacts of emerging technologies on Qorvo’s cybersecurity capabilities and broadly share this knowledge with relevant stakeholders
• Manage relationships with an extensive network of third-party cybersecurity support teams (e.g., MSSPs and vendors)

QUALIFICATIONS: 

• 8 – 10 years of information security experience with at least 5-years of direct hands on experience. BS preferred, will consider certification and work experience
• Current CISSP, Security+, SANS and/or other security certifications preferred
• Extensive experience with various security compliance requirements, regulations, and frameworks (e.g., CMMC, PCI-DSS, HIPAA, ISO-2700X, NIST 800-171, NIST-CSF)
• A minimum of four years’ experience in a technical support role or job-related experience, supporting security related technology in a diverse technology environment
• Experience with specific security solutions including vulnerability scanning and reporting, firewalls, SIEMs, penetration-testing tools, etc. (e.g., Nessus, Qualys, Rapid 7, etc.)
• Experience working with third-party Managed Security Service Providers (MSSPs)
• Ability to communicate technical solutions to project management, development team, operations team, information security team and IT solutions team
• Ability to take direction and understand and execute technical concepts and tasks
• Well organized and ability to be successful in fast-paced, high-stress scenarios

#LI-AM1

MAKE A DIFFERENCE AT QORVO

We are Qorvo. We do more than create innovative RF solutions for the mobile, defense and infrastructure markets – we are a place to innovate and shape the future of wireless communications. It starts with our employees. As a unified global team, we bring a commitment to excellence, growth and a passion for creating what’s next. Explore the possibilities with us.

We are an Equal Employment Opportunity (EEO) / Affirmative Action employer and welcome all qualified applicants. Applicants will receive fair and impartial consideration without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, military or veteran status, physical or mental disability, genetic information, and/or any other status protected by law.