We’re looking for an experienced and motivated Product Security Engineer to help shape the security posture of our SoC and embedded firmware solutions.
Responsibilities
* Review firmware and SoC architecture for security risks and threat models.
* Evaluate critical security features like secure boot, rollback protection, memory isolation, and TEE.
* Perform C/C++ security code reviews to spot implementation‑level flaws.
* Conduct targeted hands‑on tests to validate security concerns when needed.
* Collaborate with cross‑functional teams to embed security into the development lifecycle.
* Help shape secure firmware architectures for key handling, update flows, and hardware‑backed protections.
* Communicate risks and solutions clearly to both technical and non‑technical audiences.
* Develop the roadmap for Arm’s core interconnect and control subsystems, ensuring they are strategically aligned and technically validated across markets. While the initial focus is infrastructure, work across line of business and customers to ensure these foundational technologies are robust, driven, and reusable across Arm’s diverse product portfolio. Own requirement specs and roadmap rigor to ensure subsystem coherence across product generations, enabling Arm to scale from IP to complete system solutions.
Qualifications
* Proven experience securing hardware‑firmware interfaces or embedded systems.
* Strong hands‑on expertise in C/C++ security code reviews.
* Background in secure boot, key provisioning, firmware hardening, and trusted computing.
* Solid understanding of firmware attack surfaces: fault injection, code injection, privilege escalation.
* Familiarity with isolation technologies such as Arm TrustZone, secure monitor, or memory protection.
* Ability to run and interpret quick tests to verify security assumptions.
* Experience with advanced attack surfaces like side‑channel or fault attacks.
* Excellent collaboration, communication, and documentation skills.
Nice to Have
* Familiarity with hardware design flows (e.g., RTL, UVM/SystemVerilog).
* Exposure to TPMs, Secure Elements, or hardware‑backed crypto modules.
* Background in academic research or industry work in embedded security, firmware, or cryptographic implementation.
* Discovering or analysing security vulnerabilities in products, ideally with public CVEs or equivalent internal findings.
* Hands‑on experience evaluating or testing products against certification schemes such as SESIP, PSA Certified, or Common Criteria.
Equal Opportunity Employer. We are committed to providing an environment of mutual respect and equal opportunities for all applicants.
J-18808-Ljbffr