Senior Product Security Engineer
at Arm Holdings
Posted 9 hours ago
No clicks
- Compensation
- Not specified
- City
- Not specified
- Country
- United Kingdom
Currency: Not specified
Role focuses on securing Arm's SoC and embedded firmware solutions by evaluating system security architectures, reviewing firmware code, and conducting threat modeling and targeted tests. You’ll perform C/C++ security reviews, assess secure boot, rollback protection, memory isolation, and trusted execution environments, and explore advanced attack surfaces such as side-channel attacks. The role requires collaboration with cross-functional teams to embed security across the development lifecycle and influence secure firmware architectures for key handling, update flows, and hardware-backed protections. This is a senior-level position focusing on building secure systems from the ground up.
Job Description:
Are you passionate about building secure systems from the ground up? We're looking for an experienced and motivated Product Security Engineer to help shape the security posture of our SoC and embedded firmware solutions! In this role, you’ll evaluate system security architectures, dive into firmware code for review, contribute to ROM assessments, and perform hands-on threat modeling and lightweight testing.
This is a fantastic opportunity for someone who loves solving complex security challenges, enjoys collaborating with brilliant minds across domains, and wants to make a meaningful impact in real-world products. If you care about getting the details right and empowering others to do the same, we’d love to hear from you!
Responsibilities:
- Review firmware and SoC architecture for security risks and threat models.
- Evaluate critical security features like secure boot, rollback protection, memory isolation, and TEE.
- Perform C/C++ security code reviews to spot implementation-level flaws.
- Conduct targeted hands-on tests to validate security concerns when needed.
- Collaborate with cross-functional teams to embed security into the development lifecycle.
- Help shape secure firmware architectures for key handling, update flows, and hardware-backed protections.
- Communicate risks and solutions clearly to both technical and non-technical audiences.
Required Skills and Experience :
- Proven experience securing hardware-firmware interfaces or embedded systems.
- Strong hands-on expertise in C/C++ security code reviews.
- Background in secure boot, key provisioning, firmware hardening, and trusted computing.
- Solid understanding of firmware attack surfaces: fault injection, code injection, privilege escalation.
- Familiarity with isolation technologies such as Arm TrustZone, secure monitor, or memory protection.
- Ability to run and interpret quick tests to verify security assumptions.
- Experience with advanced attack surfaces like side-channel or fault attacks.
- Excellent collaboration, communication, and documentation skills.
“Nice To Have” :
- Familiarity with hardware design flows (e.g., RTL, UVM/SystemVerilog).
- Exposure to TPMs, Secure Elements, or hardware-backed crypto modules.
- Background in academic research or industry work in embedded security, firmware, or cryptographic implementation.
- Discovering or analysing security vulnerabilities in products, ideally with public CVEs or equivalent internal findings.
- Hands-on experience evaluating or testing products against certification schemes such as SESIP, PSA Certified, or Common Criteria.
You will develop the roadmap for Arm’s core interconnect and control subsystems, ensuring they are strategically aligned and technically validated across markets. While the initial focus is infrastructure, you will work across line of business and customers to ensure these foundational technologies are robust, driven, and reusable across Arm’s diverse product portfolio. Your ownership of requirement specs and roadmap rigor will ensure subsystem coherence across product generations — enabling Arm to scale from IP to complete system solutions.
Our 10x mindset guides how we engineer, collaborate, and grow. Understand what it means and how to reflect 10x in your work:https://careers.arm.com/en/10x-mindset
Didn't find what you were looking for?
Accommodations at Arm
At Arm, we want our people to Do Great Things. If you need support or an accommodation to Be Your Brilliant Self during the recruitment process, please email accommodations@arm.com. To note, by sending us the requested information, you consent to its use by Arm to arrange for appropriate accommodations. All accommodation requests will be treated with confidentiality, and information concerning these requests will only be disclosed as necessary to provide the accommodation. Although this is not an exhaustive list, examples of support include breaks between interviews, having documents read aloud or office accessibility. Please email us about anything we can do to accommodate you during the recruitment process.
Equal Opportunities at Arm
Arm is an equal opportunity employer, committed to providing an environment of mutual respect where equal opportunities are available to all applicants and colleagues. We are a diverse organization of dedicated and innovative individuals, and don’t discriminate on the basis of race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.
Hybrid Working at Arm
Arm’s hybrid approach to working is centred around flexibility, where we split our time between the office and other locations to get our work done. Within that framework, we empower groups and teams to determine their own particular hybrid working pattern, depending on the work and the team’s needs. Details of what this means for each role will be shared upon application. In some cases, the flexibility we can offer is limited by local legal, regulatory, tax, or other considerations, and where this is the case, we will collaborate with you to find the best solution. Please talk to us to find out more about what this could look like for you.
#LI-JG1
Accommodations at Arm
At Arm, we want to build extraordinary teams. If you need an adjustment or an accommodation during the recruitment process, please email accommodations@arm.com. To note, by sending us the requested information, you consent to its use by Arm to arrange for appropriate accommodations. All accommodation or adjustment requests will be treated with confidentiality, and information concerning these requests will only be disclosed as necessary to provide the accommodation. Although this is not an exhaustive list, examples of support include breaks between interviews, having documents read aloud, or office accessibility. Please email us about anything we can do to accommodate you during the recruitment process.
Hybrid Working at Arm
Arm’s approach to hybrid working is designed to create a working environment that supports both high performance and personal wellbeing. We believe in bringing people together face to face to enable us to work at pace, whilst recognizing the value of flexibility. Within that framework, we empower groups/teams to determine their own hybrid working patterns, depending on the work and the team’s needs. Details of what this means for each role will be shared upon application. In some cases, the flexibility we can offer is limited by local legal, regulatory, tax, or other considerations, and where this is the case, we will collaborate with you to find the best solution. Please talk to us to find out more about what this could look like for you.
Equal Opportunities at Arm
Arm is an equal opportunity employer, committed to providing an environment of mutual respect where equal opportunities are available to all applicants and colleagues. We are a diverse organization of dedicated and innovative individuals, and don’t discriminate on the basis of race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.
