Expoint – all jobs in one place

ARM Senior/Staff Security Engineer 
United Kingdom, England, Cambridge 
800822082

Yesterday
Job Overview:

As a Security Engineer – Fuzzing Specialist, you will own and evolve our coverage-guided fuzzing program. Your mission is to uncover hard-to-reach security flaws before attackers do, drive fixes to closure, and help product teams to embrace dynamic testing like fuzzing. You’ll scout for new attack surfaces, craft high-performance fuzzing harnesses, and design custom sanitisers that push the state of the art. Success means measurable coverage gains, actionable crash reports, and products that ship with provable resilience.

Responsibilities:
  • Map & prioritise fuzzing surfaces across services, libraries, APIs, and protocols; maintain a living risk-based roadmap.
  • Design, build, and extend fuzzing harnesses (libFuzzer, AFL++, Honggfuzz, etc.) that improve code-path exploration and minimise false positives.
  • Continuously improve coverage by growing the seed corpus, deploying targeted mutation strategies, and integrating new instrumentation techniques.
  • Automate crash triage & root-cause analysis; distinguish exploitable vulnerabilities from benign faults and drive CVE-level findings to remediation.
  • Develop custom sanitisers to expose classes of bugs traditional fuzzing misses.
  • Validate fixes & guard against regressions through differential fuzzing and regression corpora.
  • Assess external disclosures (bug bounties, supply-chain advisories) to determine fuzzing detectability and refine harnesses when gaps are found.
  • Document, report, and share insights, from coverage metrics to post-mortems, to create data-driven security.
Required Skills and Experience:
  • 1+ years in application or product security with a deep focus on coverage-guided fuzzing.
  • Hands-on expertise with at least one modern fuzzing framework (e.g., libFuzzer, AFL++, Honggfuzz).
  • Proficient in C/C++ plus strong scripting ability in Python for automation.
  • Solid understanding of memory-safety vulnerabilities, undefined behaviour, sanitisers, and compiler instrumentation.
  • Demonstrated ability to triage crashes using debuggers, profilers, and reverse-engineering tools (gdb/lldb, IDA/Ghidra).
  • Excellent written communication for documenting findings and influencing engineering teams.
“Nice To Have” Skills and Experience:
  • Contributions to open-source fuzzing tools, sanitisers, or security research publications.
  • Knowledge of distributed fuzzing at scale (GCP/AWS, Kubernetes, or bare-metal clusters).
  • Familiarity with kernel, embedded, or firmware fuzzing (e.g., Syzkaller, QEMU-based harnesses).
  • Background in reverse engineering, static analysis or symbolic execution.
  • Experience integrating fuzzing into CI/CD pipelines and tracking coverage metrics.