victories together. About the Role As a Security Software Engineer, your role involves architecting, designing, and implementing end-to-end security controls to impact the global user base. A key focus is on developing automated, scalable security solutions to enhance efficiency and protect Roku. This position requires expertise in creating and extending security automation tools, including detection and process … designing, and implementing End-to-End Security solutions and controls. Your work will directly impact our global user base Focusing on Automation. Developing automated, scalable security solutions. Efficiency is key Administering HashiCorp Vault for secrets management Performing threat modeling and analysis to identify and mitigate security risks Managing PKI, TLS, and GPG infrastructure Applying cryptography and security design … principles to cloud environments Documenting playbooks, procedures, and architecture Providing subject matter expertise to software development groups to assist in cryptography and keymanagement/authentication API. We are excited if you have Passion for cybersecurity with an effective and passionate drive to protect digital assets. Experience implementing custom, cloud-agnostic IAM at scale Navigate the complexities of More ❯
Plans, work package descriptions and cost estimates in support of product bids, services and proposals. Undertaking security risk assessments, risk mitigation plans, mitigation gap analysis and preparation of security management documentation for system Accreditation. Defining product security requirements, advising development teams on suitable implementation standards and techniques and overseeing product development activities. Liaison with Security Accreditors and Security Assurance … Coordinators in support of security accreditation. Preparation of Protection Profiles, Security Targets and Evaluation Management Plans, and liaison with NCSC and commercial evaluation teams in support of evaluation activities. Preparation of TEMPEST Control Plans, advising development teams on appropriate implementation techniques, and liaising with TEMPEST test facilities. Advising development teams on suitable platform lockdown and configurations, and supporting Penetration … test activities. Analysing penetration test results and preparation of remedial action plans. Prepare and implement through life support and maintenance for product security including vulnerability and patch management plans Lead security incident management teams during incident/crisis situations in conjunction with Head of Product Security for EW/FCA Review and maintain corporate product security policies. Deliver More ❯
Cambridge, Cambridgeshire, United Kingdom Hybrid / WFH Options
Arm Limited
to identify implementation flaws. Conduct targeted tests to validate security concerns. Collaborate with cross-functional teams to integrate security into the development process. Help design secure firmware architectures for keymanagement, update processes, and hardware protections. Communicate risks and solutions effectively to technical and non-technical stakeholders. Required Skills and Experience: Experience securing hardware-firmware interfaces or embedded … systems. Hands-on expertise in C/C++ security code reviews. Knowledge of secure boot, key provisioning, firmware hardening, and trusted computing. Understanding of firmware attack surfaces such as fault and code injection, privilege escalation. Familiarity with isolation technologies like Arm TrustZone. Ability to perform and interpret security tests. Experience with advanced attack vectors like side-channel and fault More ❯
