Staff Product Security Engineer – Part Time – Cambridge


The Arm Product Security Incident Response Team (PSIRT) is looking for a highly motivated, experienced addition to their team, to help deliver on Arm’s commitment to coordinated vulnerability disclosure (CVD) and navigate the ever-changing landscape of product security. Growth in this area has created an opportunity join a highly visible and dynamic team at the cutting edge of technology.

Job Overview:

This role is based within the Arm PSIRT and is responsible for managing security vulnerabilities and incidents related to Arm’s products and services. We continuously monitor for threats, assess vulnerabilities, coordinate incident response, and facilitate remediation. We also prioritise risks and maintain transparent communication with partners and the community regarding security issues. Arm is committed to maintaining industry-leading product security based on continuous improvement of our organisation’s security posture through investments into culture and process.


Day-to-day handling of suspected and confirmed vulnerabilities in Arm’s portfolio of products using the established incident response process

Support Arm’s engineering teams with analysis of reported vulnerabilities, including impact and severity assessments

Lead the development of Arm’s vulnerability monitoring capabilities using internal and external sources

Liaise with Arm’s engineering teams to facilitate the responsible disclosure of product security vulnerabilities

Engage with ecosystem peers across engineering and security teams to continuously improve Arm’s product security processes based on growing industry expectations

Required Skills and Experience :

At least 2 years prior experience in a PSIRT or similar security function

Bachelor’s or higher in a related field or equivalent experience

Excellent English written and verbal communication skills with a customer focus and ability to communicate vulnerabilities to a technical level

A good understanding of software, hardware, network, and system security

A good understanding of common classes of vulnerabilities and attack methodologies

Ability and willingness to expand security knowledge into various product spaces

“Nice To Have” Skills and Experience :

Experience with security research in products and ability to apply that knowledge to product security incident response

Experience in software vulnerability management and SDL practices

Prior engagement in working groups or similar with these key bodies FIRST, MITRE, CERT

Experience with ticket management systems such as Jira

Experience with incident management tooling

Experience with scripting languages, such as python

Familiarity Arm’s technologies and/or semiconductors/compilers/firmware

In Return:

The Arm PSIRT is a growing and evolving team with senior management visibility and responsibility for business critical processes. Members of this team will be exposed to upper management, having the opportunity to build both internal and external connections including with Arm’s partners and collaborators.


Job Type: Part Time


To apply for this job please visit