SoC Offensive Security Staff Engineer

Posted Yesterday
Be an Early Applicant
Austin, TX, USA
Hybrid
198K-268K Annually
Senior level
Artificial Intelligence • Internet of Things • Semiconductor
Build What the World Depends On
The Role
Perform adversarial security analysis of SoC microarchitectures across pre- and post-silicon platforms. Review architecture, RTL, firmware, and integration to identify vulnerabilities, develop PoCs/exploits, apply automation and AI-assisted techniques, collaborate with engineering teams, and improve threat models, mitigations, and offensive security tooling and methodologies.
Summary Generated by Built In
Job Description:
The Security Research and Response team in Arm's Architecture and Technology Group is seeking a highly skilled SoC Offensive Security Staff Engineer to apply an attacker's mindset to Arm's next-generation solutions, identifying design and integration-level vulnerabilities early in the development lifecycle!
Working as part of the SoC Offensive Security team, you will perform adversarial security assessments across multiple projects by reviewing architectural specifications, evaluating pre- and post-silicon platforms, conducting firmware security analysis, and collaborating with development teams to uncover security weaknesses that traditional SDL processes may overlook. You will use practical security research methods, automation, and where appropriate, AI-assisted techniques to improve the depth, scale, and efficiency of adversarial analysis. Your work will contribute directly to improving the security of Arm's next-generation silicon solutions!
Responsibilities:
  • Perform adversarial security analysis of SoC and chiplet micro-architectures, identifying unknown or emerging vulnerabilities across pre-silicon and post-silicon environments.
  • Engage with project teams at different stages of the development lifecycle to review architecture, micro-architecture, system-level specifications, security assumptions, RTL implementations, and firmware components.
  • Participate in design reviews, security discussions, and focused hackathons to develop new threat scenarios, perform adversarial testing, and improve security models.
  • Apply automation, scripting, and AI-assisted techniques where appropriate to support vulnerability discovery, specification analysis, test generation, triage, or exploration of complex attack surfaces.
  • Demonstrate the practical impact of vulnerabilities by developing Proofs of Concept (PoCs), exploits, and security demonstrations where appropriate.
  • Investigate multi-stage and cross-component attack chains beyond those captured in threat models or standard verification activities.
  • Collaborate closely with internal security researchers and engineering teams to accelerate security assessments and identify effective mitigations.
  • Contribute to improving threat models, security mitigations, and security architecture recommendations based on assessment findings.
  • Contribute to the development and continuous improvement of offensive security methodologies, tools, and best practices across the SoC Offensive Security team.

Required Skills and Experience:
  • Strong knowledge of SoC architecture and IP integration.
  • Thread modeling standalone IPs and Subsystems. Candidate should have experience enumerating micro-architectural attack surfaces and SoC integration concerns.
  • Demonstrated experience conducting adversarial assessments (PoCs, exploits, CTFs, published work).
  • Practical experience with SystemVerilog RTL, UVM-based validation environments and HW Dev IDEs
  • Comfortable reusing current verification environments and adapting them for negative and offensive testing.
  • Hands-on lab experience setting up development and testing platforms, delivering security evaluations, and validating findings in practical environments.
  • Firmware security analysis experience on projects like UEFI, uBoot, MCUBoot, Trusted Firmware or similar.
  • Experience with security focused specifications and standards such as Caliptra, DICE, or related attestation and hardware root-of trust standards.
  • Strong, determined problem solving outlook with creative security mentality.
  • Great communication skills, with the ability to influence design teams and clearly articulate risk and recommendations.
  • Ability to independently conduct complex technical investigations across assigned areas of responsibility.

"Nice To Have" Skills and Experience:
  • Familiarity with typical Hardware interface standards : PCIe, CXL, SMBus, SPI, I2C, UART, etc.
  • Familiarity with ARM's AMBA interconnect protocols: AXI, CHI, CXS, APB, ATB, LPI, etc.
  • Experience with formal proof tools and approaches for HW Security.
  • Experience with TEE and their HW building blocks. Should be able to elaborate on what is in the TCB of a confidential VM.
  • Experience with hardware fuzzing in pre and post silicon environments
  • Experience with software exploitation techniques.
  • Reverse engineering skills for hardware, firmware, or microarchitecture.
  • Contributions to open standard bodies or participation in security-focused special interest groups (e.g., industry working groups, architecture forums).

In Return:
You will join a team of hard-working security engineers at the forefront of identifying vulnerabilities in Arm based systems. Your work will shape the security posture of silicon programs and provide opportunities to influence architectural direction, collaborate with extraordinary engineers, and conduct hands-on offensive security research.
This role offers a unique opportunity to have direct impact on silicon designs, contribute to industry leading security practices, and help ensure Arm's next generation of solutions are robust against evolving adversaries. Arm is proud to foster an inclusive, diverse, and collaborative environment where your expertise and creativity will be valued.
#LS-KS1
Salary Range:
$198,100-$268,000 per year
We value people as individuals and our dedication is to reward people competitively and equitably for the work they do and the skills and experience they bring to Arm. Salary is only one component of Arm's offering. The total reward package will be shared with candidates during the recruitment and selection process.
Accommodations at Arm
At Arm, we want to build extraordinary teams. If you need an adjustment or an accommodation during the recruitment process, please email [email protected] . To note, by sending us the requested information, you consent to its use by Arm to arrange for appropriate accommodations. All accommodation or adjustment requests will be treated with confidentiality, and information concerning these requests will only be disclosed as necessary to provide the accommodation. Although this is not an exhaustive list, examples of support include breaks between interviews, having documents read aloud, or office accessibility. Please email us about anything we can do to accommodate you during the recruitment process.
Hybrid Working at Arm
Arm's approach to hybrid working is designed to create a working environment that supports both high performance and personal wellbeing. We believe in bringing people together face to face to enable us to work at pace, whilst recognizing the value of flexibility. Within that framework, we empower groups/teams to determine their own hybrid working patterns, depending on the work and the team's needs. Details of what this means for each role will be shared upon application. In some cases, the flexibility we can offer is limited by local legal, regulatory, tax, or other considerations, and where this is the case, we will collaborate with you to find the best solution. Please talk to us to find out more about what this could look like for you.
Equal Opportunities at Arm
Arm is an equal opportunity employer, committed to providing an environment of mutual respect where equal opportunities are available to all applicants and colleagues. We are a diverse organization of dedicated and innovative individuals, and don't discriminate on the basis of race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.

Skills Required

  • Strong knowledge of SoC architecture and IP integration
  • Threat modeling of standalone IPs and subsystems and enumerating micro-architectural attack surfaces
  • Demonstrated experience conducting adversarial assessments (PoCs, exploits, CTFs, published work)
  • Practical experience with SystemVerilog RTL, UVM-based validation environments, and HW Dev IDEs
  • Ability to adapt verification environments for negative and offensive testing
  • Hands-on lab experience setting up development and testing platforms and validating security findings
  • Firmware security analysis experience (UEFI, U-Boot, MCUBoot, Trusted Firmware or similar)
  • Experience with security specifications and standards such as Caliptra, DICE, or related attestation and hardware root of trust standards
  • Experience applying automation, scripting, and AI-assisted techniques to support vulnerability discovery and test generation
  • Strong problem solving and creative security mentality
  • Excellent communication skills with ability to influence design teams and articulate risk and recommendations
  • Ability to independently conduct complex technical investigations
  • Familiarity with hardware interface standards (PCIe, CXL, SMBus, SPI, I2C, UART)
  • Familiarity with ARM AMBA protocols (AXI, CHI, CXS, APB, ATB, LPI)
  • Experience with formal proof tools and approaches for hardware security
  • Experience with TEEs and hardware building blocks of confidential VMs
  • Experience with hardware fuzzing in pre- and post-silicon environments
  • Experience with software exploitation techniques and reverse engineering for hardware/firmware/microarchitecture
  • Contributions to open standards or participation in security working groups

Arm Compensation & Benefits Highlights

  • Leave & Time Off Breadth Policies include generous paid time off in the U.S. (20 days from hire rising to 25 by year five with an option to buy extra) and a fully paid four‑week sabbatical after four years. Additional recharge time via quarterly “Days of Care” and paid volunteering is also highlighted.
  • Equity Value & Accessibility Equity is positioned as a core part of total rewards, with broad‑based RSUs and a companywide ESPP adopted in 2024 and confirmed in filings. This setup enables broad employee participation in company performance alongside base pay and bonus.
  • Parental & Family Support Enhanced maternity and paternity support with paid parental bonding time are emphasized and tailored by country. Family supports such as childcare and eldercare resources and a post‑parental leave return‑to‑work program are also referenced.

Arm Insights

Am I A Good Fit?
beta
Get Personalized Job Insights.
Our AI-powered fit analysis compares your resume with a job listing so you know if your skills & experience align.

The Company
HQ: Cambridge, England
8,314 Employees
Year Founded: 1990

What We Do

We bring brilliant people together in a global ecosystem that is sparking the world’s potential. Arm technology enables specialized processing built on the economics, design freedom and accessibility of general-purpose compute that has, so far, led to more than 180 billion chips being shipped by our partners.

Why Work With Us

At Arm, we build the future of computing, powering everything from smartphones to AI. Our 10x mindset drives bold thinking and deep collaboration to solve complex problems together. With a people first culture, flexible work, and strong support for growth and wellbeing, your ideas can make a global impact while your career thrives.

Gallery

Gallery
Gallery
Gallery
Gallery

Arm Offices

Hybrid Workspace

Employees engage in a combination of remote and on-site work.

Typical time on-site: Not Specified
HQCambridge, UK
Galway, Ireland
Budapest, Hungary
Sophia Antipolis, France
Ra'anana, Israel
Bengaluru, India
Noida, India
Yokohama, Japan
Seoul, South Korea
Hsinchu, Taiwan
Taipei, Taiwan
Munich, Germany
Austin, TX
Bristol, UK
Chandler, AZ
Raleigh, NC
Lund, Sweden
Manchester, England
Oslo, Norway
San Diego, CA
San Jose, CA
Sheffield, UK
Trondheim, Norway
Boston, MA
Learn more

Similar Jobs

Arm Logo Arm

Principal Forward Deployed Engineer, Performance

Artificial Intelligence • Internet of Things • Semiconductor
Hybrid
Austin, TX, USA
8314 Employees
208K-281K Annually

Arm Logo Arm

Design Engineer

Artificial Intelligence • Internet of Things • Semiconductor
Hybrid
Austin, TX, USA
8314 Employees
162K-219K Annually

Arm Logo Arm

Senior Research Ecosystem Manager

Artificial Intelligence • Internet of Things • Semiconductor
Hybrid
Austin, TX, USA
8314 Employees
208K-281K Annually

Arm Logo Arm

Senior/Staff Design Verification Engineer - Coherent Interconnect

Artificial Intelligence • Internet of Things • Semiconductor
Hybrid
2 Locations
8314 Employees
198K-268K Annually

Sign up now Access later

Create Free Account

Please log in or sign up to report this job.

Create Free Account