Arm
Principal Platform Security Architect -Firmware & Operating Systems
How your CV stacks up
Upload your CV to see how well it fits this job role
?%
Principal Platform Security Architect -Firmware & Operating Systems
Job ID 2026-16806 Date posted 12/05/2026 Location Cambridge, United Kingdom Category Product Security
Job Overview
We are looking for a Platform Security Architect to support the design and improvement of security mechanisms across platform firmware and embedded Linux environments.
This is a hands-on technical role spanning both embedded systems (e.g., Yocto-based platforms) and data center systems (e.g., BMC and platform firmware). The work includes securing boot chains, firmware update mechanisms, and Linux-based management environments, including embedded controllers and server management subsystems.
You will work closely with firmware and platform engineering teams to help integrate security controls across BIOS, BMC, and device firmware, and collaborate with internal security evaluation teams to support validation and continuous improvement of these controls.
The role involves working across low-level firmware, embedded Linux, and system hardening, with opportunities to contribute at both design and implementation levels.
Responsibilities
Firmware Security: Evaluate and support integration of security mechanisms across BIOS, BMC, and device firmware, including secure boot, firmware verification, update flows, rollback protection, and debug controls Embedded Linux & BMC Security: Contribute to improving the security of Linux-based management environments through system hardening, service isolation, access control, and secure configuration System Hardening: Identify potential attack surfaces and configuration gaps, and help apply and validate hardening measures and secure defaults Security Validation & CI Integration: Collaborate with internal security evaluation and engineering teams to support testing, develop validation tools/scripts, and integrate security checks into CI workflows Threat Analysis: Support threat modeling and analysis of firmware and management plane components to identify attack paths and improvement areas
Reasons to use Rodeo
I’m in my final year doing Economics and I don’t know whether to apply for grad schemes now or do a masters first. What do you think?
Honest answer — it depends on where you want to end up. A lot of top grad schemes (Big 4, civil service, banking) don’t need a masters. Let’s look at the ones you’d be competitive for now, and we can decide if a masters actually adds anything.
Also worth knowing: most autumn 2026 applications are open now. Timing matters more than you think.
Start with a chat, not a search bar
Grad scheme, placement, apprenticeship? Not sure what you want yet — that's fine. Your agent talks it through with you and turns "I have no idea" into a shortlist.
Graduate Consultant — 2026 Scheme
Why you're a good match
StrongYour economics background and your summer at a regional bank line up with what PwC looks for on the consulting scheme. Applications close in four weeks.
See breakdownIt searches the market for you
Every day your agent scans the market matching roles against what actually matters to you, not just keywords on a CV.
Why you're a good match
You’ve got the grades and the economics background, and your bank internship is exactly the experience this scheme looks for. Apply soon — deadlines close within the month.
Experience fit
Your summer at the bank plus your econometrics coursework map directly to the day-one responsibilities on this scheme — client modelling, market briefings, and deal support.
Only hits
No noise. No "maybe this fits." Just roles with a clear explanation of why they're right — and where to focus when applying.
Required Skills And Experience
Hands-on experience with embedded Linux systems, including building and customizing platforms using Yocto/OpenEmbedded Hands-on experience implementing and validating Linux hardening controls, including service/interface hardening, privilege management, and reduction of system attack surface Experience contributing to the implementation or integration of security controls in firmware or embedded environments Strong understanding of low-level firmware and boot flows, including BIOS/UEFI, bootloaders, and platform firmware components Experience with secure boot chains and firmware trust models, including firmware verification and UEFI-based systems Experience working with firmware update mechanisms, including signing, verification, and rollback protection Familiarity with Arm architecture and boot processes, including early boot stages and firmware–hardware interaction Familiarity with platform interconnects such as PCIe, and associated security considerations in device and data-center environments Experience developing automation, validation tools, or scripts, including integration into CI workflows Proficiency in C/C++ for systems or embedded development, with the ability to work with low-level components when needed Understanding of Linux security fundamentals, including authentication, authorization, and system-level protections Familiarity with file system and data protection mechanisms, including encryption approaches such as eCryptfs or similar Ability to analyze and reason about firmware and system-level attack surfaces
“Nice To Have” Skills And Experience
Experience with BMC platforms or ecosystems such as OpenBMC Experience with Linux security features (e.g., SELinux, AppArmor, capabilities) Experience with firmware analysis, fuzzing, or security testing techniques Familiarity with container security in embedded or management environments Familiarity with hardware roots of trust (e.g., TPM, DICE) Familiarity with networking and network security concepts, particularly in management or data-center environments
Get help with your application
Your very own career expert that helps elevate your application to the next level.
In Return
Please note that a relocation package (including visa sponsorship support) is available for this role, for candidates who require it.
Accommodations at Arm
At Arm, we want to build extraordinary teams. If you need an adjustment or an accommodation during the recruitment process, please email
Hybrid Working at Arm
Arm’s approach to hybrid working is designed to create a working environment that supports both high performance and personal wellbeing. We believe in bringing people together face to face to enable us to work at pace, whilst recognizing the value of flexibility. Within that framework, we empower groups/teams to determine their own hybrid working patterns, depending on the work and the team’s needs. Details of what this means for each role will be shared upon application. In some cases, the flexibility we can offer is limited by local legal, regulatory, tax, or other considerations, and where this is the case, we will collaborate with you to find the best solution. Please talk to us to find out more about what this could look like for you.
Equal Opportunities at Arm
Arm is an equal opportunity employer, committed to providing an environment of mutual respect where equal opportunities are available to all applicants and colleagues. We are a diverse organization of dedicated and innovative individuals, and don’t discriminate on the basis of race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.
Salary Range
£126,200 - £170,800 per year
“It took my CV and asked me questions relevant to understanding what kind of jobs to suggest for me. Suggestions were almost perfect. Jobs were exactly what I’ve been looking for.”
Jessica, London
Skills