Engineer the Quantum RevolutionYour expertise can help us shape the future of quantum computing at Oxford Ionics.

View Open Roles

Senior/Staff Security Engineer - Fuzzing Specialist

Arm
Cambridge
3 days ago
Create job alert

Senior/Staff Security Engineer - Fuzzing Specialist

Join to apply for the Senior/Staff Security Engineer - Fuzzing Specialist role at Arm

Senior/Staff Security Engineer - Fuzzing Specialist

1 day ago Be among the first 25 applicants

Join to apply for the Senior/Staff Security Engineer - Fuzzing Specialist role at Arm

Get AI-powered advice on this job and more exclusive features.

Job Overview

As a Security Engineer – Fuzzing Specialist, you will own and evolve our coverage-guided fuzzing program. Your mission is to uncover hard-to-reach security flaws before attackers do, drive fixes to closure, and help product teams to embrace dynamic testing like fuzzing. You’ll scout for new attack surfaces, craft high-performance fuzzing harnesses, and design custom sanitisers that push the state of the art. Success means measurable coverage gains, actionable crash reports, and products that ship with provable resilience.

Job Overview

As a Security Engineer – Fuzzing Specialist, you will own and evolve our coverage-guided fuzzing program. Your mission is to uncover hard-to-reach security flaws before attackers do, drive fixes to closure, and help product teams to embrace dynamic testing like fuzzing. You’ll scout for new attack surfaces, craft high-performance fuzzing harnesses, and design custom sanitisers that push the state of the art. Success means measurable coverage gains, actionable crash reports, and products that ship with provable resilience.

Responsibilities

  • Map & prioritise fuzzing surfaces across services, libraries, APIs, and protocols; maintain a living risk-based roadmap.
  • Design, build, and extend fuzzing harnesses (libFuzzer, AFL++, Honggfuzz, etc.) that improve code-path exploration and minimise false positives.
  • Continuously improve coverage by growing seed corpus, deploying targeted mutation strategies, and integrating new instrumentation techniques.
  • Automate crash triage & root-cause analysis; distinguish exploitable vulnerabilities from benign faults and drive CVE-level findings to remediation.
  • Develop custom sanitisers to expose classes of bugs traditional fuzzing misses.
  • Validate fixes & guard against regressions through differential fuzzing and regression corpora.
  • Assess external disclosures (bug bounties, supply-chain advisories) to determine fuzzing detectability and refine harnesses when gaps are found.
  • Document, report, and share insights — from coverage metrics to post-mortems to create data-driven security.

Required Skills and Experience:

  • 1+ years in application or product security with a deep focus on coverage-guided fuzzing.
  • Hands-on expertise with at least one modern fuzzing framework (e.g., libFuzzer, AFL++, Honggfuzz).
  • Proficient in C/C++ plus strong scripting ability in Python for automation.
  • Solid understanding of memory-safety vulnerabilities, undefined behaviour, sanitisers, and compiler instrumentation.
  • Demonstrated ability to triage crashes using debuggers, profilers, and reverse-engineering tools (gdb/lldb, IDA/Ghidra).
  • Excellent written communication for documenting findings and influencing engineering teams.

“Nice To Have” Skills and Experience :

  • Contributions to open-source fuzzing tools, sanitisers, or security research publications.
  • Knowledge of distributed fuzzing at scale (GCP/AWS, Kubernetes, or bare-metal clusters).
  • Familiarity with kernel, embedded, or firmware fuzzing (e.g., Syzkaller, QEMU-based harnesses).
  • Background in reverse engineering, static analysis or symbolic execution.
  • Experience integrating fuzzing into CI/CD pipelines and tracking coverage metrics.

If you’re passionate about breaking software safely, love high-coverage charts, and want to make a measurable dent in product security, we’d love to hear from you!

Accommodations at Arm

At Arm, we want to build extraordinary teams. If you need an adjustment or an accommodation during the recruitment process, please email . To note, by sending us the requested information, you consent to its use by Arm to arrange for appropriate accommodations. All accommodation or adjustment requests will be treated with confidentiality, and information concerning these requests will only be disclosed as necessary to provide the accommodation. Although this is not an exhaustive list, examples of support include breaks between interviews, having documents read aloud, or office accessibility. Please email us about anything we can do to accommodate you during the recruitment process.

Hybrid Working at Arm

Arm’s approach to hybrid working is designed to create a working environment that supports both high performance and personal wellbeing. We believe in bringing people together face to face to enable us to work at pace, whilst recognizing the value of flexibility. Within that framework, we empower groups/teams to determine their own hybrid working patterns, depending on the work and the team’s needs. Details of what this means for each role will be shared upon application. In some cases, the flexibility we can offer is limited by local legal, regulatory, tax, or other considerations, and where this is the case, we will collaborate with you to find the best solution. Please talk to us to find out more about what this could look like for you.

Equal Opportunities at Arm

Arm is an equal opportunity employer, committed to providing an environment of mutual respect where equal opportunities are available to all applicants and colleagues. We are a diverse organization of dedicated and innovative individuals, and don’t discriminate on the basis of race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.

Seniority level

  • Seniority levelMid-Senior level

Employment type

  • Employment typeFull-time

Job function

  • Job functionInformation Technology
  • IndustriesSemiconductor Manufacturing, Software Development, and Computer Hardware Manufacturing

Referrals increase your chances of interviewing at Arm by 2x

Get notified about new Senior Security Engineer jobs in Cambridge, England, United Kingdom.

Stevenage, England, United Kingdom 3 days ago

Cambridge, England, United Kingdom 1 day ago

Cambridge, England, United Kingdom 1 month ago

Stevenage, England, United Kingdom 1 month ago

Stevenage, England, United Kingdom 2 months ago

Cambridge, England, United Kingdom 3 days ago

Cambridge, England, United Kingdom 3 weeks ago

Cambridge, England, United Kingdom 4 weeks ago

Huntingdon, England, United Kingdom 2 days ago

Cambridge, England, United Kingdom 1 day ago

Stevenage, England, United Kingdom 2 months ago

Cambridge, England, United Kingdom 1 day ago

Stevenage, England, United Kingdom 1 month ago

Ely, England, United Kingdom 19 hours ago

Stevenage, England, United Kingdom 4 days ago

Fire & Security Project Engineer (Custodial)

Stevenage, England, United Kingdom 3 days ago

Croydon, England, United Kingdom 2 weeks ago

We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.


#J-18808-Ljbffr

Related Jobs

View all jobs

Senior/Staff Security Engineer - Fuzzing Specialist

Senior/Staff product security engineer

Fire and Security engineer

Staff Product Security Engineer

Chief Information Security Officer - Managing Director

Chief Information Security Officer – Managing Director

Subscribe to Future Tech Insights for the latest jobs & insights, direct to your inbox.

By subscribing, you agree to our privacy policy and terms of service.

Industry Insights

Discover insightful articles, industry insights, expert tips, and curated resources.

Jobs

Pre-Employment Checks for Cyber Security Jobs: DBS, References & Right-to-Work and more Explained

The cyber security sector in the UK stands at the forefront of protecting national infrastructure, business operations, and personal data from increasingly sophisticated cyber threats. As organisations across all sectors recognise cyber security as a critical business function, employers are implementing the most rigorous pre-employment screening processes in the technology industry to ensure they recruit professionals capable of defending against advanced persistent threats and maintaining the highest standards of security and trustworthiness. Whether you're a penetration tester, security analyst, incident response specialist, or chief information security officer, understanding the comprehensive vetting requirements is essential for successfully advancing your career in this security-critical field. This detailed guide explores the extensive background checks and screening processes you'll encounter when applying for cyber security positions in the UK, from fundamental eligibility verification to the most stringent security clearance requirements and specialised threat intelligence assessments.

Careers

Why Now Is the Perfect Time to Launch Your Career in Cyber Security: The UK's Digital Defence Revolution

The United Kingdom faces an unprecedented cyber security challenge that presents an extraordinary career opportunity. With cyber attacks increasing by 300% year-on-year and the average cost of a data breach reaching £4.24 million, Britain urgently needs skilled cyber security professionals to defend its digital infrastructure, protect citizens' data, and maintain national security in an increasingly connected world. If you've been considering a career change or seeking to future-proof your professional trajectory, cyber security represents one of the most secure, well-compensated, and socially impactful career choices available. The convergence of escalating threats, skills shortage, government investment, and regulatory requirements has created a perfect storm of opportunity that shows no signs of abating.

Jobs

Automate Your Cyber Security Jobs Search: Using ChatGPT, RSS & Alerts to Save Hours Each Week

Cyber roles drop across consultancies, MSSPs, hyperscalers, banks, gov & start-ups every day—often buried in ATS portals or duplicated across boards. The fix is simple: put discovery on autopilot with keyword-rich alerts, RSS feeds & a reusable ChatGPT workflow that triages listings, ranks fit, & tailors your CV in minutes. This copy-paste playbook is built for www.cybersecurityjobs.tech readers. It’s UK-centric, practical, & designed to save you hours each week. What You’ll Have Working In 30 Minutes A role & keyword map spanning SecOps/Detection, DFIR, AppSec, Cloud Security, GRC, Red Team, Threat Intel, IAM/PAM, OT/ICS & Vulnerability Management. Shareable Boolean search strings for Google & job boards to cut noise fast. Always-on alerts & RSS feeds delivering fresh roles to your inbox/reader. A ChatGPT “Cyber Job Scout” prompt that deduplicates, scores fit & outputs tailored actions. A simple pipeline tracker so deadlines & follow-ups never slip.

🍪 We use cookies to enhance your browsing experience on our website. By continuing to use this site, you consent to the use of cookies as described in our Cookie Policy. You can review our Cookie Policy for more information.