Job Overview:
We are looking for a talented Security Engineer to join Arm’s Product Security team. In this role, you will play a key part in enhancing the security of Arm’s software and processes, while contributing to building a strong security engineering culture across the organization.
Responsibilities:
* Conduct security assessments across Arm's firmware, drivers and system software.
* Review and advise on output of various Security Development Lifecycle (SDLC) stages such as threat modeling, security testing, including DAST, SAST, SCA.
* Enable engineering teams to implement various stages of Arm's SDLC independently.
* Provide consultation on specific areas of software security and on the application of SDLC to the engineering teams.
* Keep up-to-date with industry best practices and developments in software security.
* Continuously improve Arm's approach to software security by refining software security best practices.
Required Skills and Experience:
* Deep knowledge and expertise in developing and reviewing software threat models.
* Detailed experience in security concept design and mitigation analysis.
* Experience writing secure code, and designing secure software specifically for low level software such as drivers and firmware.
* Demonstrated skills for secure code reviews (C/C++) of complex software projects.
* Experience in automation using scripting languages (e.g., Python).
* Experience in performing Software Composition Analysis using tools such as Black Duck.
* Experience in implementing Security Development Lifecycle in an organization.
“Nice To Have” Skills and Experience:
* Experience working with Arm's open source software.
* Knowledge of Arm assembly.
* Delivered software security training.
* Experience in configuration and creation of rules for SAST tools such as Coverity and SonarQube.
* Experience working with relevant security certification schemes (e.g., PSA Certified, common criteria, SESIP) and international standards (e.g., ISO 21434, IEC 62443).
In Return:
Arm is committed to global talent acquisition, offering an attractive relocation package. With offices worldwide, Arm is a diverse organization of dedicated, creative, and hardworking engineers. By enabling a dynamic, inclusive, meritocratic, and open workplace where everyone can grow and succeed, we encourage our people to share their outstanding contributions to Arm's success in the global marketplace.
#J-18808-Ljbffr