Enable job alerts via email!
Staff Software Security Engineer
Arm
Cambridge
On-site
GBP 50,000 - 90,000
Full time
Boost your interview chances
Create a job specific, tailored resume for higher success rate.
Job summary
Join a forward-thinking company as a Security Engineer and play a pivotal role in enhancing software security. This position involves conducting security assessments, advising on the Security Development Lifecycle, and fostering a strong security culture across the organization. You'll work with talented engineers to implement best practices in software security, ensuring Arm's products remain secure and resilient. If you're passionate about security and eager to make an impact in a dynamic, inclusive environment, this is the perfect opportunity for you.
Benefits
Qualifications
- Expertise in developing and reviewing software threat models.
- Experience in writing secure code for low-level software.
Responsibilities
- Conduct security assessments on firmware, drivers, and system software.
- Review and advise on Security Development Lifecycle stages.
Skills
Tools
Job description
We are looking for a talented Security Engineer to join Arm’s Product Security team. In this role, you will play a key part in enhancing the security of Arm’s software and processes, while contributing to building a strong security engineering culture across the organization.
- Conduct security assessments across Arm's firmware, drivers and system software.
- Review and advise on output of various Security Development Lifecycle (SDLC) stages such as threat modeling, security testing, including DAST, SAST, SCA.
- Enable engineering teams to implement various stages of Arm's SDLC independently.
- Provide consultation on specific areas of software security and on the application of SDLC to the engineering teams.
- Keep up-to-date with industry best practices and developments in software security.
- Continuously improve Arm's approach to software security by refining software security best practices.
- Deep knowledge and expertise in developing and reviewing software threat models.
- Detailed experience in security concept design, mitigation analysis.
- Experience writing secure code, and designing secure software specifically for low level software such as drivers and firmware.
- Demonstrated skills for secure code reviews (C/C++) of complex software projects.
- Experience in automation using scripting languages (e.g., Python).
- Experience in performing Software Composition Analysis using tools such as Black Duck.
- Experience in implementing Security Development Lifecycle in an organization.
- Experience working with Arm's open source software.
- Knowledge of Arm assembly.
- Delivered software security training.
- Experience in configuration and creation of rules for SAST tools such as Coverity and SonarQube.
- Experience working with relevant security certification schemes (e.g., PSA Certified, common criteria, SESIP) and international standards (e.g., ISO 21434, IEC 62443).
Arm is committed to global talent acquisition, offering an attractive relocation package. With offices worldwide, Arm is a diverse organization of dedicated, creative, and hardworking engineers. By enabling a dynamic, inclusive, meritocratic, and open workplace where everyone can grow and succeed, we encourage our people to share their outstanding contributions to Arm's success in the global marketplace.
'/%3e%3cpath%20d='M101.744%2012.4726L102.894%2016.1947L99.0021%2013.2201L101.744%2012.4726ZM105.3%208.40937H100.488L99.0026%203.59473L97.5116%208.41047L92.7%208.40385L96.5965%2011.3834L95.1055%2016.1942L99.0021%2013.2196L101.408%2011.3834L105.3%208.40992V8.40937Z'%20fill='white'/%3e%3cdefs%3e%3clinearGradient%20id='paint0_linear_5593_1381'%20x1='90'%20y1='9.44471'%20x2='99'%20y2='9.44471'%20gradientUnits='userSpaceOnUse'%3e%3cstop%20stop-color='%2300AD70'/%3e%3cstop%20offset='0.998594'%20stop-color='%2300B67A'/%3e%3cstop%20offset='1'%20stop-color='%23DCDCE6'/%3e%3c/linearGradient%3e%3c/defs%3e%3c/svg%3e){kind=small}
job faster
