Job Description:

Are you passionate about building secure systems from the ground up? We're looking for an experienced and motivated Product Security Engineer to help shape the security posture of our SoC and embedded firmware solutions! In this role, you’ll evaluate system security architectures, dive into firmware code for review, contribute to ROM assessments, and perform hands-on threat modeling and lightweight testing.

This is a fantastic opportunity for someone who loves solving complex security challenges, enjoys collaborating with brilliant minds across domains, and wants to make a meaningful impact in real-world products. If you care about getting the details right and empowering others to do the same, we’d love to hear from you!

Responsibilities:

• Review firmware and SoC architecture for security risks and threat models.
• Evaluate critical security features like secure boot, rollback protection, memory isolation, and TEE.
• Perform C/C++ security code reviews to spot implementation-level flaws.
• Conduct targeted hands-on tests to validate security concerns when needed.
• Collaborate with cross-functional teams to embed security into the development lifecycle.
• Help shape secure firmware architectures for key handling, update flows, and hardware-backed protections.
• Communicate risks and solutions clearly to both technical and non-technical audiences.

Required Skills and Experience :

• Proven experience securing hardware-firmware interfaces or embedded systems.
• Strong hands-on expertise in C/C++ security code reviews.
• Background in secure boot, key provisioning, firmware hardening, and trusted computing.
• Solid understanding of firmware attack surfaces: fault injection, code injection, privilege escalation.
• Familiarity with isolation technologies such as Arm TrustZone, secure monitor, or memory protection.
• Ability to run and interpret quick tests to verify security assumptions.
• Experience with advanced attack surfaces like side-channel or fault attacks.
• Excellent collaboration, communication, and documentation skills.

“Nice To Have” :

• Familiarity with hardware design flows (e.g., RTL, UVM/SystemVerilog).
• Exposure to TPMs, Secure Elements, or hardware-backed crypto modules.
• Background in academic research or industry work in embedded security, firmware, or cryptographic implementation.
• Discovering or analysing security vulnerabilities in products, ideally with public CVEs or equivalent internal findings.
• Hands-on experience evaluating or testing products against certification schemes such as SESIP, PSA Certified, or Common Criteria.

#LI-JG1

Accommodations at Arm

At Arm, we want to build extraordinary teams. If you need an adjustment or an accommodation during the recruitment process, please email accommodations@arm.com. To note, by sending us the requested information, you consent to its use by Arm to arrange for appropriate accommodations. All accommodation or adjustment requests will be treated with confidentiality, and information concerning these requests will only be disclosed as necessary to provide the accommodation. Although this is not an exhaustive list, examples of support include breaks between interviews, having documents read aloud, or office accessibility. Please email us about anything we can do to accommodate you during the recruitment process.

Hybrid Working at Arm

Arm’s approach to hybrid working is designed to create a working environment that supports both high performance and personal wellbeing. We believe in bringing people together face to face to enable us to work at pace, whilst recognizing the value of flexibility. Within that framework, we empower groups/teams to determine their own hybrid working patterns, depending on the work and the team’s needs. Details of what this means for each role will be shared upon application. In some cases, the flexibility we can offer is limited by local legal, regulatory, tax, or other considerations, and where this is the case, we will collaborate with you to find the best solution. Please talk to us to find out more about what this could look like for you.

Equal Opportunities at Arm

Arm is an equal opportunity employer, committed to providing an environment of mutual respect where equal opportunities are available to all applicants and colleagues. We are a diverse organization of dedicated and innovative individuals, and don’t discriminate on the basis of race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.