Endpoint Data Protection Engineer

About Marvell

Marvell's semiconductor solutions are the essential building blocks of the data infrastructure that connects our world. Across enterprise, cloud and AI, automotive, and carrier architectures, our innovative technology is enabling new possibilities.

At Marvell, you can affect the arc of individual lives, lift the trajectory of entire industries, and fuel the transformative potential of tomorrow. For those looking to make their mark on purposeful and enduring innovation, above and beyond fleeting trends, Marvell is a place to thrive, learn, and lead.

Your Team, Your Impact

What You Can Expect

• Design, implement, and manage endpoint data protection strategies to safeguard sensitive intellectual property (IP), including chip design files, engineering documentation, and confidential customer data.
• Deploy and maintain endpoint DLP solutions across Windows, macOS, and Linux systems used in engineering, R&D, and enterprise environments.
• Develop and tune DLP policies to monitor and prevent data exfiltration via USB, cloud sync, removable media, printing, screen capture, and unauthorized uploads.
• Conduct regular risk assessments of endpoint environments, identifying potential data leakage vectors specific to semiconductor workflows and engineering tools.
• Collaborate with IT and Security teams to ensure consistent endpoint protection coverage across corporate, BYOD, and contractor devices.
• Investigate and respond to endpoint-related data protection incidents, coordinating with SOC teams, HR, Legal, and other stakeholders as needed.
• Build workflows and automation for logging, alerting, and triaging endpoint DLP events using SIEM/SOAR tools
• Support secure remote work by implementing controls around VPN, VDI, and endpoint encryption technologies.
• Partner with global engineering teams to support secure collaboration while maintaining compliance with export control and data residency regulations (e.g., ITAR, EAR).
• Document and continuously improve SOPs, playbooks, and awareness training focused on endpoint data protection best practices

What We're Looking For

• 5-7+ years of experience in endpoint security, data loss prevention (DLP), or data protection, ideally within the semiconductor or high-tech industry.
• Deep hands-on experience with endpoint-focused DLP tools
• Expertise in developing and tuning DLP policies to protect sensitive semiconductor design files (e.g., GDSII, Verilog, RTL), CAD/CAM outputs, and confidential engineering documentation.
• Familiarity with classifying and securing proprietary chip designs, fab process documents, simulation models, and partner/customer NDAs.
• Expertise in designing and enforcing endpoint policies to prevent unauthorized file transfers (USB, Bluetooth, print), local encryption, screen captures, and unauthorized uploads.
• Knowledge of insider threat detection techniques, user behavior monitoring, and data activity monitoring (DAM) from endpoint sources.
• Strong understanding of data classification, tagging, and handling based on sensitivity levels.
• Hands-on experience integrating DLP with CASB, SIEM, and SOAR tools to support real-time alerting and incident response.
• Strong understanding of protecting data across global environments, including IP transfer across regions and cross-border data compliance.
• Comfortable working across Windows, macOS, and Linux environments, with endpoint protection deployed consistently across all.
• Knowledge of regulatory and industry compliance requirements (e.g., ITAR, EAR, GDPR, CCPA).
• Strong scripting and automation skills (PowerShell, Python, or Bash) for custom data protection tooling, endpoint agent deployment, policy tuning, and log parsing.
• Excellent communication skills to collaborate with Engineering, IT, Legal, and Global Security teams.
• Ability to work collaboratively in a cross-functional team environment.
• Bachelor's degree in Computer Science, Information Security, or a related field.
• Preferred certifications: CISSP, GIAC GISP, CIPP, Microsoft SC-400, or vendor-specific DLP certifications.

Expected Base Pay Range (USD)

The successful candidate's starting base pay will be determined based on job-related skills, experience, qualifications, work location and market conditions. The expected base pay range for this role may be modified based on market conditions.

Additional Compensation and Benefit Elements

All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability or protected veteran status.

Any applicant who requires a reasonable accommodation during the selection process should contact Marvell HR Helpdesk at TAOps@marvell.com.