Security Software Engineer (C, RUST, FIPS, Crypto, Documentation)

About Marvell

Marvell’s semiconductor solutions are the essential building blocks of the data infrastructure that connects our world. Across enterprise, cloud and AI, automotive, and carrier architectures, our innovative technology is enabling new possibilities.

At Marvell, you can affect the arc of individual lives, lift the trajectory of entire industries, and fuel the transformative potential of tomorrow. For those looking to make their mark on purposeful and enduring innovation, above and beyond fleeting trends, Marvell is a place to thrive, learn, and lead.

Your Team, Your Impact

Marvell is at the forefront of cloud data protection and security, partnering with major public cloud providers to offer scalable and secure data encryption solutions across public, private, and hybrid cloud environments. As we continue to grow, we are seeking a highly skilled and motivated Firmware Certification Engineer to join our team. The ideal candidate will have extensive experience with FIPS 140-3 Level 3 and 4, PCI PTS, and Common Criteria certification processes, with a strong emphasis on Implementation Guidance (IGs) and standards.

What You Can Expect

• Interpret and apply FIPS 140-3 Implementation Guidance (IGs) to ensure that all cryptographic modules meet the required standards.
• Prepare and review detailed documentation, including Security Policies, Design Documentation, and Test Reports, with a focus on IG compliance.
• Conduct and oversee algorithm testing, entropy testing, and physical security testing to ensure compliance with FIPS 140-3 requirements.
• Work closely with cross-functional teams, including hardware engineers, software developers, and security analysts, to ensure seamless integration and compliance.
• Oversee the entire FIPS 140-3 Level 4 certification process for firmware, ensuring Compliance with all relevant standards and guidelines.
• Stay updated with the latest FIPS 140-3 standards, IGs, and guidelines, and implement best practices to improve the certification process.

What We're Looking For

• Bachelor’s or Master’s degree in computer science, or a related fields with a Minimum of 5 to 10 years of experience in FIPS 140-2/140-3 certification, with a focus on Level 3 and 4 requirements.
• Strong understanding of cryptographic algorithms, entropy sources, physical security mechanisms, and FIPS 140-3 IGs. Familiarity with CAVP and ACVTS testing processes.
• Excellent communication, documentation, and project management skills. Ability to work collaboratively in a team environment.
• Previous experience in a lab environment conducting FIPS 140-3 validations.
• Experience with Common Criteria, PCIPTS, NIAP and other security certifications.
• Knowledge of SP 800-90B and associated IG requirements.

Additional Compensation and Benefit Elements

With competitive compensation and great benefits, you will enjoy our workstyle within an environment of shared collaboration, transparency, and inclusivity. We’re dedicated to giving our people the tools and resources they need to succeed in doing work that matters, and to grow and develop with us. For additional information on what it’s like to work at Marvell, visit our Careers page.

All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability or protected veteran status.

Interview Integrity

As part of our commitment to fair and authentic hiring practices, we ask that candidates do not use AI tools (e.g., transcription apps, real-time answer generators like ChatGPT, CoPilot, or note-taking bots) during interviews.

Our interviews are designed to assess your personal experience, thought process, and communication skills in real-time. If a candidate uses such tools during an interview, they will be disqualified from the hiring process.

This position may require access to technology and/or software subject to U.S. export control laws and regulations, including the Export Administration Regulations (EAR). As such, applicants must be eligible to access export-controlled information as defined under applicable law. Marvell may be required to obtain export licensing approval from the U.S. Department of Commerce and/or the U.S. Department of State. Except for U.S. citizens, lawful permanent residents, or protected individuals as defined by 8 U.S.C. 1324b(a)(3), all applicants may be subject to an export license review process prior to employment.

#LI-RS1