Principal Security Engineer - Fuzzing Specialist
at Arm Holdings
Posted 9 hours ago
No clicks
- Compensation
- Not specified
- City
- Not specified
- Country
- United Kingdom
Currency: Not specified
Own and evolve Arm's coverage-guided fuzzing program to uncover hard-to-reach security flaws before attackers do, drive fixes to closure, and help product teams embrace dynamic testing. Design, build, and extend high-performance fuzzing harnesses (libFuzzer, AFL++, Honggfuzz) to improve code-path exploration and reduce false positives. Continuously improve coverage by growing seed corpora, applying targeted mutation strategies, and integrating new instrumentation. Automate crash triage and root-cause analysis, differentiate exploitable vulnerabilities from benign faults, and drive CVE-level findings to remediation.
Job Overview:
As a Security Engineer – Fuzzing Specialist, you will own and evolve our coverage-guided fuzzing program. Your mission is to uncover hard-to-reach security flaws before attackers do, drive fixes to closure, and help product teams to embrace dynamic testing like fuzzing. You’ll scout for new attack surfaces, craft high-performance fuzzing harnesses, and design custom sanitisers that push the state of the art. Success means measurable coverage gains, actionable crash reports, and products that ship with provable resilience.
Responsibilities:
- Map & prioritise fuzzing surfaces across services, libraries, APIs, and protocols; maintain a living risk-based roadmap.
- Design, build, and extend fuzzing harnesses (libFuzzer, AFL++, Honggfuzz, etc.) that improve code-path exploration and minimise false positives.
- Continuously improve coverage by growing seed corpus, deploying targeted mutation strategies, and integrating new instrumentation techniques.
- Automate crash triage & root-cause analysis; distinguish exploitable vulnerabilities from benign faults and drive CVE-level findings to remediation.
- Develop custom sanitisers to expose classes of bugs traditional fuzzing misses.
- Validate fixes & guard against regressions through differential fuzzing and regression corpora.
- Assess external disclosures (bug bounties, supply-chain advisories) to determine fuzzing detectability and refine harnesses when gaps are found.
- Document, report, and share insights — from coverage metrics to post-mortems to create data-driven security.
Required Skills and Experience:
- 1+ years in application or product security with a deep focus on coverage-guided fuzzing.
- Hands-on expertise with at least one modern fuzzing framework (e.g., libFuzzer, AFL++, Honggfuzz).
- Proficient in C/C++ plus strong scripting ability in Python for automation.
- Solid understanding of memory-safety vulnerabilities, undefined behaviour, sanitisers, and compiler instrumentation.
- Demonstrated ability to triage crashes using debuggers, profilers, and reverse-engineering tools (gdb/lldb, IDA/Ghidra).
- Excellent written communication for documenting findings and influencing engineering teams.
“Nice To Have” Skills and Experience :
- Contributions to open-source fuzzing tools, sanitisers, or security research publications.
- Knowledge of distributed fuzzing at scale (GCP/AWS, Kubernetes, or bare-metal clusters).
- Familiarity with kernel, embedded, or firmware fuzzing (e.g., Syzkaller, QEMU-based harnesses).
- Background in reverse engineering, static analysis or symbolic execution.
- Experience integrating fuzzing into CI/CD pipelines and tracking coverage metrics.
If you’re passionate about breaking software safely, love high-coverage charts, and want to make a measurable dent in product security, we’d love to hear from you!
You will develop the roadmap for Arm’s core interconnect and control subsystems, ensuring they are strategically aligned and technically validated across markets. While the initial focus is infrastructure, you will work across line of business and customers to ensure these foundational technologies are robust, driven, and reusable across Arm’s diverse product portfolio. Your ownership of requirement specs and roadmap rigor will ensure subsystem coherence across product generations — enabling Arm to scale from IP to complete system solutions.
#LI-CI1
Accommodations at Arm
At Arm, we want to build extraordinary teams. If you need an adjustment or an accommodation during the recruitment process, please email accommodations@arm.com. To note, by sending us the requested information, you consent to its use by Arm to arrange for appropriate accommodations. All accommodation or adjustment requests will be treated with confidentiality, and information concerning these requests will only be disclosed as necessary to provide the accommodation. Although this is not an exhaustive list, examples of support include breaks between interviews, having documents read aloud, or office accessibility. Please email us about anything we can do to accommodate you during the recruitment process.
Hybrid Working at Arm
Arm’s approach to hybrid working is designed to create a working environment that supports both high performance and personal wellbeing. We believe in bringing people together face to face to enable us to work at pace, whilst recognizing the value of flexibility. Within that framework, we empower groups/teams to determine their own hybrid working patterns, depending on the work and the team’s needs. Details of what this means for each role will be shared upon application. In some cases, the flexibility we can offer is limited by local legal, regulatory, tax, or other considerations, and where this is the case, we will collaborate with you to find the best solution. Please talk to us to find out more about what this could look like for you.
Equal Opportunities at Arm
Arm is an equal opportunity employer, committed to providing an environment of mutual respect where equal opportunities are available to all applicants and colleagues. We are a diverse organization of dedicated and innovative individuals, and don’t discriminate on the basis of race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.
