Lab Endpoint Cyber Security Engineer

The Lab Endpoint Security Engineer will be responsible for designing, implementing, and maintaining security solutions to protect the confidentiality, integrity, and availability of semiconductor lab environments. This role involves developing and implementing security policies, conducting vulnerability and risk assessments, and deploying risk-reducing solutions. The ideal candidate should possess a strong understanding of lab workflows, embedded systems, and security practices for high-value intellectual property environments. Responsibilities include designing access control systems, hardening endpoints, ensuring secure remote access, collaborating with various teams, defining and monitoring security policies, conducting risk assessments, supporting compliance audits, collaborating with vulnerability management and engineering teams. The role also involves fine-tuning, configuring, administering, and managing endpoint security platforms.

Must Have

• 5+ years of security engineering experience
• 3+ years of experience managing endpoint protection platforms
• Familiarity with lab tools and secure firmware practices
• Experience with vulnerability scanning tools
• Working knowledge of regulatory frameworks

Good to Have

• Experience securing remote access using VPN, ZTNA, or jump-host architectures
• Understanding of secure boot and code signing
• Ability to analyze endpoint telemetry from EDR solutions
• Experience managing vulnerability lifecycle processes
• Experience in scripting languages (Python, PowerShell, etc.)
• Experience with administrating physical and virtual platforms
• Strong analytical and problem-solving abilities

About Marvell

Marvell’s semiconductor solutions are the essential building blocks of the data infrastructure that connects our world. Across enterprise, cloud and AI, automotive, and carrier architectures, our innovative technology is enabling new possibilities. 

At Marvell, you can affect the arc of individual lives, lift the trajectory of entire industries, and fuel the transformative potential of tomorrow. For those looking to make their mark on purposeful and enduring innovation, above and beyond fleeting trends, Marvell is a place to thrive, learn, and lead. 

Your Team, Your Impact

What You Can Expect

• Design and implement physical and logical access control systems in engineering labs

• Harden lab endpoints, test stations, and development tools against unauthorized access or tampering

• Ensure secure remote access and segmentation of lab environments from corporate IT

• Collaborate with IT, facilities, and engineering teams to align security with operational needs

• Define, deploy, and monitor lab-specific security policies (e.g., USB restrictions, debug interface controls)

• Conduct risk assessments and remediation for lab infrastructure, equipment, and data flows

• Support monitor of lab networks for abnormal activity and enforce security event response workflows

• Assist in compliance audits and secure handling of sensitive data (e.g., chip design files, firmware)

• Collaborate with the vulnerability management team to implement workflows for lab assets, including scanning, triage, patch coordination, and remediation tracking

• Collaborate with engineering to assess the impact of vulnerabilities on proprietary development tools or lab-built systems

• Fine tuning, configuration, administration, and management of the endpoint security platforms/solutions.

• Work with IT endpoint teams to manage Add/remove/Changes and troubleshoot issues related to endpoint security tools

What We're Looking For

• Minimum 5+ years in security engineering, preferably in semiconductor, R&D, or high-tech manufacturing environments.

• 3+ years proven experience with managing endpoint protection platforms

• Familiarity with lab tools, embedded development, and secure firmware practices

• Experience with vulnerability scanning tools and secure lab configuration management

• Working knowledge of regulatory frameworks (e.g., ISO 27001, NIST 800-171)

• Experience securing remote access using VPN, ZTNA, or jump-host architectures

• Understanding of secure boot, code signing, and firmware integrity validation for embedded devices

• Ability to analyze endpoint telemetry from EDR solutions (e.g., CrowdStrike, SentinelOne) in lab environments

• Experience managing vulnerability lifecycle processes and risk-based remediation planning for lab endpoints and test systems

• Experience in scripting languages such as Python, PowerShell, Bash, Perl, Jscript, and knowledge of regular expressions.

• Experience with administrating a diverse set of physical and virtual platforms, including MS Windows, Linux, and macOS.

• Ability to maintain, test, and troubleshoot endpoint protection policies and rules.

• Strong analytical and problem-solving abilities, with attention to detail.

• Ability to prioritize, drive others to action, deliver results, mentor and develop technical skills in team.

• Excellent communication and collaboration skills, with the ability to work effectively in a team environment.

• Ability to work independently and prioritize tasks in a fast-paced, dynamic environment.

• Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or related field or equivalent experience

• Relevant cybersecurity certifications such as CISSP, GIAC, or equivalent

Additional Compensation and Benefit Elements

With competitive compensation and great benefits, you will enjoy our workstyle within an environment of shared collaboration, transparency, and inclusivity. We’re dedicated to giving our people the tools and resources they need to succeed in doing work that matters, and to grow and develop with us. For additional information on what it’s like to work at Marvell, visit our Careers page.

All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability or protected veteran status.