ARM
Senior Product Security Engineer Overview
| Company Name | ARM |
| Job Role | Senior Product Security Engineer |
| Qualifications | Not Specified |
| Category | IT Jobs |
| Job Type | Full Time |
| Location | Cambridge |
This role is for an experienced product security specialist who wants to help strengthen the security of Armâs SoC and embedded firmware offerings from the earliest design stages through to validation. The position focuses on evaluating security architecture, reviewing firmware and low-level code, and helping teams build robust protections into products that are used across a wide range of markets. It is suited to someone who enjoys solving difficult technical problems, working closely with engineers from different disciplines, and making a tangible difference to real products.
What you will do
- Assess the security of system-on-chip designs, embedded firmware, and the surrounding architecture to identify threats, weaknesses, and design gaps.
- Review firmware and hardware/software interfaces for security issues, with particular attention to how the system behaves across boot, update, and runtime flows.
- Examine important security mechanisms such as secure boot, rollback protection, memory isolation, and trusted execution environments to judge whether they are implemented effectively.
- Carry out detailed security-focused reviews of C and C++ code to uncover implementation mistakes that could create vulnerabilities.
- Use targeted hands-on testing when necessary to confirm whether a concern is real and to validate security assumptions.
- Work alongside cross-functional teams to make security part of the normal development process rather than a separate afterthought.
- Help design secure firmware approaches for key management, software update handling, and hardware-backed protection features.
- Communicate findings, risks, and recommended fixes in a way that is useful to both deeply technical colleagues and non-technical stakeholders.
- Contribute to the development of Armâs core interconnect and control subsystems, helping ensure they are technically validated, reusable, and aligned with broader product goals.
- Take ownership of requirement specifications and help maintain roadmap discipline so that subsystem designs remain consistent across product generations.
What we are looking for
- Proven experience securing embedded systems or the interfaces between hardware and firmware.
- Strong practical experience reviewing C and C++ code with a security mindset.
- Knowledge of secure boot, key provisioning, firmware hardening, and trusted computing concepts.
- A solid understanding of common firmware attack surfaces, including fault injection, code injection, and privilege escalation.
- Familiarity with isolation and protection technologies such as Arm TrustZone, secure monitor environments, or memory protection features.
- The ability to run quick validation tests and interpret the results to check whether a security assumption holds up.
- Experience with more advanced attack areas such as side-channel techniques or fault-based attacks.
- Excellent collaboration, communication, and documentation skills.
- Additional experience that would be useful includes knowledge of hardware design flows such as RTL or UVM/SystemVerilog.
- Further helpful exposure includes TPMs, secure elements, or hardware-backed cryptographic modules.
- Background in academic research or industry work related to embedded security, firmware security, or cryptographic implementation would be an advantage.
- Experience discovering or analyzing product vulnerabilities, especially where this has led to public CVEs or equivalent internal findings, would be valuable.
- Experience evaluating products against certification or assurance schemes such as SESIP, PSA Certified, or Common Criteria would also be beneficial.
Team and role context
The role sits within a team working on foundational technologies that support Armâs wider product portfolio. Although the initial emphasis is on infrastructure, the work spans collaboration with business units and customers to ensure the underlying technologies are robust, strategically aligned, and reusable. The position places a strong emphasis on requirement ownership, technical rigor, and helping create subsystem designs that remain coherent as products evolve over time.
The posting also highlights Armâs broader engineering culture, including a â10xâ mindset that encourages strong engineering practices, effective collaboration, and continuous growth.
Working arrangement
Arm describes this role as part of its hybrid working approach. The company splits time between office and other locations, while allowing teams to decide the most suitable pattern based on the nature of the work and team needs. The exact arrangement for this role is shared during the application process. Arm also notes that flexibility may be affected by local legal, regulatory, tax, or other constraints, and that the company will work with candidates to find the best practical solution where needed.
Benefits and support
- Salary range of £73,500 to £99,500 per year.
- Hybrid working with flexibility built around team and role requirements.
- Benefits that support health and wellbeing.
- Support for work-life balance and flexible working patterns.
- Financial rewards beyond base pay.
- Learning, development, and broader support to help employees grow professionally and personally.
- Recruitment accommodations available for candidates who need adjustments, including interview breaks, reading support for documents, and accessibility help in the office.
- An inclusive equal-opportunity workplace that values respect and diversity.
How to apply
Candidates can apply directly through the job posting. The page also offers options to save the role, share it, and join Armâs talent community for future opportunities. If you need an adjustment or accommodation during recruitment, Arm asks that you contact its accommodations email address so support can be arranged confidentially.
Additional company information
Arm presents itself as a collaborative engineering environment where people work on technologies that influence a very large share of connected devices and computing applications. The company emphasizes innovation, teamwork, diversity, and the opportunity to contribute to products and systems with broad real-world impact.
Degree Requirement: Not Specified
Visa Sponsorship Promising
To apply for this job please visit careers.arm.com.