Principal Product Security Engineer

Job Overview: We are looking for an expert in security assessment of firmware, drivers, and operating systems to join Arm's Product Security team. In this role, you will lead Arm's approach to offensive software security with specific focus on fuzzing and penetration testing. Responsibilities: Develop software security test framework and processes across Arm's firmware, drivers and system software Lead Arm's internal penetration test strategy for software products Schedule, prioritise and conduct software security tests Lead other security test engineers within the product security team and across the business Required Skills and Experience: Deep knowledge and expertise in design, development, documentation and testing of software specifically for low level software such as firmware and drivers Strong understanding of SoC security fundamentals such as secure boot, measured boot, attestation, signing, Root of Trust Proven knowledge in leading software security assessment and penetration testing preferably at SoC level Demonstrated skills for finding security vulnerabilities 'which matter' Professional knowledge of software languages (such as C/C++, Rust, Python) Strong background in offensive security research Knowledge of Arm assembly, Arm based SoCs and devices Experience in leading fuzz testing activities and with tooling Capable of providing technical leadership Good interpersonal and communication skills Nice To Have Skills and Experience: Experience in performing security assessment on products towards external security certification such as common criteria, PSA, SESIP, FIPS Have participated in CTFs, Hackathons, or similar events Have published work within the offensive security domain at leading venues Experience with security evaluation of Linux kernel security, Android OS security, Windows systems and drivers security Experience in security of GPU/CPU/System firmware and drivers Professional certifications such as OSCP/OSEE In Return: With offices worldwide, Arm is a diverse organization of dedicated, creative, and hardworking engineers. By enabling a dynamic, inclusive, meritocratic, and open workplace where everyone can grow and succeed, we encourage our people to share their outstanding contributions to Arm's success in the global marketplace. Equal Opportunities at Arm: Arm is an equal opportunity employer, committed to providing an environment of mutual respect where equal opportunities are available to all applicants and colleagues. We are a diverse organization of dedicated and innovative individuals, and don't discriminate on the basis of race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.

#J-18808-Ljbffr