System Security Architect jobs at Arm in United Kingdom, Cambridge

As a Security Engineer – Fuzzing Specialist, you will own and evolve our coverage-guided fuzzing program. Your mission is to uncover hard-to-reach security flaws before attackers do, drive fixes to closure, and help product teams to embrace dynamic testing like fuzzing. You’ll scout for new attack surfaces, craft high-performance fuzzing harnesses, and design custom sanitisers that push the state of the art. Success means measurable coverage gains, actionable crash reports, and products that ship with provable resilience.

• Map & prioritise fuzzing surfaces across services, libraries, APIs, and protocols; maintain a living risk-based roadmap.
• Design, build, and extend fuzzing harnesses (libFuzzer, AFL++, Honggfuzz, etc.) that improve code-path exploration and minimise false positives.
• Continuously improve coverage by growing seed corpus, deploying targeted mutation strategies, and integrating new instrumentation techniques.
• Automate crash triage & root-cause analysis; distinguish exploitable vulnerabilities from benign faults and drive CVE-level findings to remediation.
• Develop custom sanitisers to expose classes of bugs traditional fuzzing misses.
• Validate fixes & guard against regressions through differential fuzzing and regression corpora.
• Assess external disclosures (bug bounties, supply-chain advisories) to determine fuzzing detectability and refine harnesses when gaps are found.
• Document, report, and share insights — from coverage metrics to post-mortems to create data-driven security.

• 1+ years in application or product security with a deep focus on coverage-guided fuzzing.
• Hands-on expertise with at least one modern fuzzing framework (e.g., libFuzzer, AFL++, Honggfuzz).
• Proficient in C/C++ plus strong scripting ability in Python for automation.
• Solid understanding of memory-safety vulnerabilities, undefined behaviour, sanitisers, and compiler instrumentation.
• Demonstrated ability to triage crashes using debuggers, profilers, and reverse-engineering tools (gdb/lldb, IDA/Ghidra).
• Excellent written communication for documenting findings and influencing engineering teams.

• Contributions to open-source fuzzing tools, sanitisers, or security research publications.
• Knowledge of distributed fuzzing at scale (GCP/AWS, Kubernetes, or bare-metal clusters).
• Familiarity with kernel, embedded, or firmware fuzzing (e.g., Syzkaller, QEMU-based harnesses).
• Background in reverse engineering, static analysis or symbolic execution.
• Experience integrating fuzzing into CI/CD pipelines and tracking coverage metrics.

• Review firmware and SoC architecture for security risks and threat models.
• Evaluate critical security features like secure boot, rollback protection, memory isolation, and TEE.
• Perform C/C++ security code reviews to spot implementation-level flaws.
• Conduct targeted hands-on tests to validate security concerns when needed.
• Collaborate with cross-functional teams to embed security into the development lifecycle.
• Help shape secure firmware architectures for key handling, update flows, and hardware-backed protections.
• Communicate risks and solutions clearly to both technical and non-technical audiences.

• Proven experience securing hardware-firmware interfaces or embedded systems.
• Strong hands-on expertise in C/C++ security code reviews.
• Background in secure boot, key provisioning, firmware hardening, and trusted computing.
• Solid understanding of firmware attack surfaces: fault injection, code injection, privilege escalation.
• Familiarity with isolation technologies such as Arm TrustZone, secure monitor, or memory protection.
• Ability to run and interpret quick tests to verify security assumptions.
• Experience with advanced attack surfaces like side-channel or fault attacks.
• Excellent collaboration, communication, and documentation skills.

• Familiarity with hardware design flows (e.g., RTL, UVM/SystemVerilog).
• Exposure to TPMs, Secure Elements, or hardware-backed crypto modules.
• Background in academic research or industry work in embedded security, firmware, or cryptographic implementation.
• Discovering or analysing security vulnerabilities in products, ideally with public CVEs or equivalent internal findings.
• Hands-on experience evaluating or testing products against certification schemes such as SESIP, PSA Certified, or Common Criteria.

As an experienced quality assurance engineer, you will contribute to the work of the quality team on an exciting new range of Arm hardware devices aimed at AI use cases, applying deep technical expertise to ensure high performance, reliability and maintainability. You will implement processes to ensure quality is established in every stage during software development, and will collaborate with software teams to define, develop and automate tests for their components as well as the integrated solution.

• Working with software teams to establish and implement quality processes in every stage of the development cycle
• Test development for firmware and Linux-based systems (kernel, device drivers and applications)
• Test and workload automation with regular and reliable execution and effective reporting
• Delivering tasks with minimal guidance and contributing to the implementation of larger / more complex work

• Experience in developing test plans, software validation techniques and designing effective and efficient test cases
• Good understanding of computer architecture principles and hardware-software interaction, and proficient in C programming and common scripting languages such as Python
• Effective communicator and ability to collaborate well within and across teams

• Familiar with quality management standards such as ISO9001
• Experience with CI systems and test automation involving physical and simulated hardware devices

You will be responsible for support and maintenance of downstream product quality firmware of Arm Neoverse CSS based platform solutions. You will provide primary interface to all customers for support and maintenance requirements. Your responsibilities will include defect management, feature back porting and defect fixing. You will work closely with the release team for coordination of downstream release updates for customers post-launch releases. You will be working alongside firmware development team in contributing to the design and development of solutions for Arm Neoverse CPU and System IP based Infrastructure platforms.

• Expert in C programming for embedded systems with excellent debugging skills.
• Experience in development and maintenance of product quality firmware with good knowledge of bootloaders and device drivers.
• Defect triaging and defect management experience of system software.
• Good understanding and experience maintaining software compliant with industry specifications such as UEFI and ACPI.
• Familiarity with technologies such as RAS, hypervisors, CXL, power management and security.

• Experience in providing support and maintenance of production quality firmware in server segment.
• Experience in working with open-source community. We value understanding of open-source project development cycles and contribution processes.
• Providing customer support in triaging and resolving reported issues.
• Familiarity with open-source projects such as Linux Kernel, TF-A, UEFI EDK II and OpenBMC.

Responsibilities

• As a creative design engineer with a knowledge of subsystemsandSoCs you will be part of a team integrating IPanddeveloping logic for SoCs.
• You will work with the project team to understandandreview the architecture,anddevelop the design specifications.
• Your key responsibilities will include writing micro-architecture specifications, developing the RTL, fixing bugsandrunning various design checks.
• You will work with the verification team to review test plans,andhelp debug design issues.
• You will work with the performance analysis team to evaluateandimprove subsystem performance.
• You will also contribute to developingandenhancing the design methodologies used by the team.
• You will guideandsupport other members of the team as needed to enable the successful completion of project activities.
• You will balance other opportunities such as working with Project Management on activities, plans,andschedules

Required SkillsandExperience:

• In addition to bringing your accomplishment of either Bachelors or Master’s degree or equivalent experience in Computer Science or Electrical/Computer Engineering.
• Experience of 5+ years working in design of complex compute subsystems or SoCs, you will need:
  • Strong knowledge of digital hardware designandVerilog HDL!
  • A thorough understandingandexperience of the current design techniques for complex SoC development.
  • Experience creating design specifications
  • Experience developing RTL for SoC projects
  • Experience with Perl, Python or other scripting language

Desired SkillsandExperience:

• Experience with ARM-based designsand/or ARM System Architectures
• Experience integrating subsystems for PCIe, LPDDR, HBM, UCIe, Ethernet
• Experience with SystemVerilogandverification methodologies – UVM/OVM/e
• Experience leading small teams or projects
• Experience or knowledge in the following areas
  • Synthesisandtiming analysis
  • Static design checks, including CDC, RDC, X-Propagation, Linting
  • Power management techniques
  • DFTandphysical implementation

Produce reliable and robust research and analytics; devise and investigate new ideas for workload analysis, and the development of new and innovative tools.

• A solid understanding of systems that uses multiple types of computing cores such as CPUs and GPUs, and the factors that impact on performance.
• Ability to understand and discuss deep technical topics at different levels to a wide range of audiences.
• Ability to represent complex data with innovative visualisations.

The following are some of the skills and knowledge you will acquire in this role, so existing experience or interest in any of these areas would be of benefit!

• Detailed performance analysis of computing platforms.
• Experience building applications for mobile or windows platforms.
• Experience analysing and optimising performance of applications.
• Understanding of the interactions between applications and OS Kernel, and hardware.

Using our close relationship with developers and ecosystem partners, including game studios, we explore the latest technologies including games, groundbreaking camera algorithms, media streaming, browsers, productivity, and ML based use cases.

Responsibilities:

Produce reliable and robust research and analytics; devise and investigate new ideas for workload analysis, and the development of new and innovative tools.

Required Skills and Experience :

• A solid understanding of Heterogeneous Computing platforms for mobile platforms, and the factors that impact on performance
• Understanding of the interactions between applications and OS Kernel, and hardware
• Ability to understand and discuss deep technical topics at different levels to a wide range of audiences
• Ability to represent complex data with innovative visualisations.

“Nice To Have” Skills and Experience :

The following are some of the skills and knowledge you will acquire in this role, so existing experience or interest in any of these areas would be of benefit!

• Detailed performance analysis of computing platforms
• Experience building applications for mobile or windows platforms
• Experience analysing and optimising performance of applications.