£10K/yr to £100K/yr
Cambridge, England
Permanent, Variable

Staff Software Security Engineer

Posted by ARM.

Job Overview:

We are seeking a skilled and passionate security engineer to lead the central software security testing program across software in Arm. The role is within Arm's multifaceted Product Security team. You will have the opportunity to drive improvements in the security of Arm software and processes, and to build security culture.

Responsibilities:

  • Develop comprehensive software security assessment methodology.
  • Conduct security assessments and code reviews to identify and remediate vulnerabilities in firmware and system software.
  • Review and advise on output of security testing, including DAST, SAST, SCA.
  • Advance baseline for security testing across Arm's software.
  • Develop software fuzz testing strategy at Arm.
  • Enable engineering teams to implement security testing independently.
  • Keep up-to-date with industry best practices and developments in software security.

Required Skills and Experience:

  • Deep knowledge and expertise in developing and reviewing software threat models.
  • Experience writing secure code, and designing secure software specifically for low-level software such as drivers and firmware.
  • Knowledge of well-known industry-standard fuzzing tools such as AFL, libFuzzer, syzkaller.
  • Demonstrated skills for secure code reviews (C/C++) of complex software projects.
  • Experience in automation using scripting languages (e.g., Python).
  • Experience in performing Software Composition Analysis using tools such as Black Duck.

"Nice To Have" Skills and Experience:

  • Experience working with Arm's open source software.
  • Knowledge of Arm assembly.
  • Experience in penetration testing.
  • Delivered software security training.
  • Experience in configuration and creation of rules for SAST tools such as Coverity and SonarQube.
  • Experience in performing root cause analysis for security issues.
  • Experience working with relevant security certification schemes (e.g., PSA Certified, Common Criteria, SESIP) and international standards (e.g., ISO 21434, IEC 62443).

In Return:

Arm is committed to global talent acquisition, offering an attractive relocation package. With offices worldwide, Arm is a diverse organization of dedicated, creative, and hardworking engineers. By enabling a dynamic, inclusive, meritocratic, and open workplace where everyone can grow and succeed, we encourage our people to share their outstanding contributions to Arm's success in the global marketplace.