Product Security Engineer

The Group You’ll Be A Part Of

The Global Information Systems Group is dedicated to the success of Lam through providing best-in-class and innovative information system solutions and services. Together, we support users globally with data, information, and systems to achieve their business objectives.

The Impact You’ll Make

Lam Information Security is looking for a security engineer to work with our software development teams. The application security engineer will specialize in the building security into existing and new CI/CD pipelines for Lam software. We are looking for an engineer who understands best practices and tools utilized in secure development and building security into the application.

The application security engineer will also support the broader information security strategy to safeguard Lams information systems infrastructure, business systems, and Operational Technology (OT) systems in Lam including engineering/manufacturing Labs.

What You’ll Do

• Contribute to the overall objectives of the Security Engineering team
• Design and guide the implementation of secure software development life cycle practices including threat modeling, code review, static and dynamic code analysis, secured GIT/CVS/SVN, peer review, and vulnerability assessment
• Develop DevSecOps capabilities including identifying security scanning tools (SAST, DAST, IAST,SCA) to be integrated into SDLC processes
• Guide and evangelize the organization in establishing end to end strong secure SDLC/DevOps policies and standards to foster security of CI/CD pipeline
• Research, evaluate and implement new security prototypes to meet an ever-evolving security risk posture

• Design, implement, deploy and maintain security architectures and countermeasures to protect products
• Assess the security of products to discover potential vulnerabilities on products
• Provide subject matter expertise to product engineering teams, advocating for better security process throughout LAM

Who We’re Looking For

• Bachelors degree in Computer Science, Information Security, IT management or related field
• 5+ years of experience in Information Security - related field
• Possess in-depth knowledge of OWASP top 10 and other similar frameworks to lead a team of product security analysts
• Demonstrated experience in product security, including hardware and software
• Experience working with Agile framework
• Ability to drive product and program conversations to negotiate tradeoffs between tactical and strategic goals
• Experience with security activities throughout the software development lifecycle – design reviews, threat modeling, code reviews, tooling, penetration testing
• Experience working with Static/Dynamic/Interactive Application Security Tools and Run-time Application Security Protection tools
• Hands on experience working with tools (Jenkins/Bitbucket/Artifactory)
• CISSP, CompTIA Security+, SANS professional certifications preferred
• Strong people and team/relationship building skills, work with cross functional global teams

Preferred Qualifications

• Experience within a global semiconductor company or equivalent industry experience preferred Breakdown and understand complex problems and the ability to develop a plan and innovative ways to address them

• Experience working in Azure cloud environment, utilizing Microsoft DevOps tools to architect secured coding to protect sensitive data

Our Commitment

We believe it is important for every person to feel valued, included, and empowered to achieve their full potential. By bringing unique individuals and viewpoints together, we achieve extraordinary results.

Lam Research ("Lam" or the "Company") is an equal opportunity employer. Lam is committed to and reaffirms support of equal opportunity in employment and non-discrimination in employment policies, practices and procedures on the basis of race, religious creed, color, national origin, ancestry, physical disability, mental disability, medical condition, genetic information, marital status, sex (including pregnancy, childbirth and related medical conditions), gender, gender identity, gender expression, age, sexual orientation, or military and veteran status or any other category protected by applicable federal, state, or local laws. It is the Company's intention to comply with all applicable laws and regulations. Company policy prohibits unlawful discrimination against applicants or employees.

Lam offers a variety of work location models based on the needs of each role. Our hybrid roles combine the benefits of on-site collaboration with colleagues and the flexibility to work remotely and fall into two categories – On-site Flex and Virtual Flex. ‘On-site Flex’ you’ll work 3+ days per week on-site at a Lam or customer/supplier location, with the opportunity to work remotely for the balance of the week. ‘Virtual Flex’ you’ll work 1-2 days per week on-site at a Lam or customer/supplier location, and remotely the rest of the time.

IND123 #LI-FC1 #LI-Hybrid 

Our Perks and Benefits

At Lam, our people make amazing things possible. That’s why we invest in you throughout the phases of your life with a comprehensive set of outstanding benefits.