Lab Endpoint Cyber Security Engineer

About Marvell
Marvell's semiconductor solutions are the essential building blocks of the data infrastructure that connects our world. Across enterprise, cloud and AI, automotive, and carrier architectures, our innovative technology is enabling new possibilities.

At Marvell, you can affect the arc of individual lives, lift the trajectory of entire industries, and fuel the transformative potential of tomorrow. For those looking to make their mark on purposeful and enduring innovation, above and beyond fleeting trends, Marvell is a place to thrive, learn, and lead.

Your Team, Your Impact
The Lab Endpoint Security Engineer will be responsible for designing, implementing, and maintaining security solutions to protect the confidentiality, integrity, and availability of our semiconductor lab environments. This role requires developing and implementing security policies, conducting vulnerability and risk assessments, and deploying risk reducing solutions to our labs. The ideal candidate has a strong understanding of lab workflows, embedded systems, and security practices tailored for high-value intellectual property (IP) environments.

What You Can Expect

• Design and implement physical and logical access control systems in engineering labs
• Harden lab endpoints, test stations, and development tools against unauthorized access or tampering
• Ensure secure remote access and segmentation of lab environments from corporate IT
• Collaborate with IT, facilities, and engineering teams to align security with operational needs
• Define, deploy, and monitor lab-specific security policies (e.g., USB restrictions, debug interface controls)
• Conduct risk assessments and remediation for lab infrastructure, equipment, and data flows
• Support monitor of lab networks for abnormal activity and enforce security event response workflows
• Assist in compliance audits and secure handling of sensitive data (e.g., chip design files, firmware)
• Collaborate with the vulnerability management team to implement workflows for lab assets, including scanning, triage, patch coordination, and remediation tracking
• Collaborate with engineering to assess the impact of vulnerabilities on proprietary development tools or lab-built systems
• Fine tuning, configuration, administration, and management of the endpoint security platforms/solutions.
• Work with IT endpoint teams to manage Add/remove/Changes and troubleshoot issues related to endpoint security tools

What We're Looking For

• Minimum 5+ years in security engineering, preferably in semiconductor, R&D, or high-tech manufacturing environments.
• 3+ years proven experience with managing endpoint protection platforms
• Familiarity with lab tools, embedded development, and secure firmware practices
• Experience with vulnerability scanning tools and secure lab configuration management
• Working knowledge of regulatory frameworks (e.g., ISO 27001, NIST
• Experience securing remote access using VPN, ZTNA, or jump-host architectures
• Understanding of secure boot, code signing, and firmware integrity validation for embedded devices
• Ability to analyze endpoint telemetry from EDR solutions (e.g., CrowdStrike, SentinelOne) in lab environments
• Experience managing vulnerability lifecycle processes and risk-based remediation planning for lab endpoints and test systems
• Experience in scripting languages such as Python, PowerShell, Bash, Perl, Jscript, and knowledge of regular expressions.
• Experience with administrating a diverse set of physical and virtual platforms, including MS Windows, Linux, and macOS.
• Ability to maintain, test, and troubleshoot endpoint protection policies and rules.
• Strong analytical and problem-solving abilities, with attention to detail.
• Ability to prioritize, drive others to action, deliver results, mentor and develop technical skills in team.
• Excellent communication and collaboration skills, with the ability to work effectively in a team environment.
• Ability to work independently and prioritize tasks in a fast-paced, dynamic environment.
• Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or related field or equivalent experience
• Relevant cybersecurity certifications such as CISSP, GIAC, or equivalent

Additional Compensation And Benefit Elements
With competitive compensation and great benefits, you will enjoy our workstyle within an environment of shared collaboration, transparency, and inclusivity. We're dedicated to giving our people the tools and resources they need to succeed in doing work that matters, and to grow and develop with us. For additional information on what it's like to work at Marvell, visit our Careers page.

All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability or protected veteran status.

Interview Integrity
As part of our commitment to fair and authentic hiring practices, we ask that candidates do not use AI tools (e.g., transcription apps, real-time answer generators like ChatGPT, CoPilot, or note-taking bots) during interviews.
Our interviews are designed to assess your personal experience, thought process, and communication skills in real-time. If a candidate uses such tools during an interview, they will be disqualified from the hiring process.
This position may require access to technology and/or software subject to U.S. export control laws and regulations, including the Export Administration Regulations (EAR). As such, applicants must be eligible to access export-controlled information as defined under applicable law. Marvell may be required to obtain export licensing approval from the U.S. Department of Commerce and/or the U.S. Department of State. Except for U.S. citizens, lawful permanent residents, or protected individuals as defined by 8 U.S.C. 1324b(a)(3), all applicants may be subject to an export license review process prior to employment.