Company:
Qualcomm India Private Limited
Job Area:
Engineering Group > Software Engineering
General Summary:
As a Product Security Engineer focused on vulnerability research and exploit mitigation, you will play a critical role in securing software systems by identifying and mitigating vulnerabilities at both the source code and binary levels. This role is ideal for someone who is passionate about software security, has a deep understanding of C/C++ internals, and enjoys building and applying tools to uncover subtle flaws before attackers do.
Your primary focus will be on analyzing C/C++ source code using static analysis techniques, both manual and automated, to detect memory safety issues, logic errors, and insecure coding patterns. You will work closely with development teams to integrate and fine-tune sanitizers (such as ASan, UBSan, and MSan) and other compiler-based instrumentation to proactively catch bugs during development and testing.
In addition to source-level work, you will also analyze ARM binaries to identify vulnerabilities in compiled code, especially in cases where source is unavailable or incomplete. This includes reverse engineering, binary static analysis, and applying fuzzing techniques to validate findings and uncover additional issues.
A key part of your role will involve evaluating and implementing exploit mitigation strategies (e.g., stack canaries, ASLR, DEP, CFI) and ensuring they are effectively deployed across the software stack. You will also monitor external security incidents (e.g., CVEs, threat reports, zero-days) to identify detection gaps in current tooling and processes, and work to close those gaps through improved analysis, tooling, and secure coding guidance.
This is a hands-on, engineering-focused role that blends security research, tool development, and collaborative problem-solving. You’ll work alongside developers, security engineers, and incident responders to ensure that vulnerabilities are not only found, but also understood, mitigated, and prevented in the future.
Required Qualifications:
- Strong proficiency in C and C++, with deep understanding of memory management and low-level programming.
- Experience with ARM architecture, including reverse engineering and binary analysis.
- Experience with embedded device security architectures.
- Proficiency with static analysis tools (e.g., CodeQL, Klocwork, Coverity, Helix QAC, Parasoft, Clang Static Analyzer).
- Hands-on experience with fuzzing frameworks (e.g., AFL++, libFuzzer, Honggfuzz).
- Familiarity with exploit mitigation techniques and their implementation in modern toolchains and operating systems.
- Experience analyzing real-world vulnerabilities and applying lessons learned to improve detection capabilities.
- Strong understanding of common vulnerability classes (e.g., buffer overflows, UAF, race conditions).
- Proficiency with reverse engineering tools (e.g., Ghidra, IDA Pro, Binary Ninja).
- Threat modelling to identify targets for vulnerability detection.
- Familiarity with AI advances in this area.
- Excellent written communication skills.
Minimum Qualifications:
• Bachelor's degree in Engineering, Information Systems, Computer Science, or related field and 4+ years of Software Engineering or related work experience.
OR
Master's degree in Engineering, Information Systems, Computer Science, or related field and 3+ years of Software Engineering or related work experience.
OR
PhD in Engineering, Information Systems, Computer Science, or related field and 2+ years of Software Engineering or related work experience.
• 2+ years of work experience with a programming language such as C, C++, Java, Python, etc.
Preferred Qualifications:
- Knowledge of symbolic execution, taint analysis, or dynamic binary instrumentation.
- Exposure to LLVM Compiler, particularly writing passes and Clang Static Analysis checkers.
- Contributions to open-source security tools or public vulnerability disclosures.
- Experience in working with external security researchers.
Education qualifications:
- Bachelor’s degree or above in Computer Science, Computer Security, Electrical Engineering, or a related field, or equivalent practical experience.
Applicants: Qualcomm is an equal opportunity employer. If you are an individual with a disability and need an accommodation during the application/hiring process, rest assured that Qualcomm is committed to providing an accessible process. You may e-mail disability-accomodations@qualcomm.com or call Qualcomm's toll-free number found here. Upon request, Qualcomm will provide reasonable accommodations to support individuals with disabilities to be able to participate in the hiring process. Qualcomm is also committed to making our workplace accessible for individuals with disabilities. (Keep in mind that this email address is used to provide reasonable accommodations for individuals with disabilities. We will not respond here to requests for updates on applications or resume inquiries.)
Qualcomm expects its employees to abide by all applicable policies and procedures, including but not limited to security and other requirements regarding protection of Company confidential information and other confidential and/or proprietary information, to the extent those requirements are permissible under applicable law.
To all Staffing and Recruiting Agencies: Our Careers Site is only for individuals seeking a job at Qualcomm. Staffing and recruiting agencies and individuals being represented by an agency are not authorized to use this site or to submit profiles, applications or resumes, and any such submissions will be considered unsolicited. Qualcomm does not accept unsolicited resumes or applications from agencies. Please do not forward resumes to our jobs alias, Qualcomm employees or any other company location. Qualcomm is not responsible for any fees related to unsolicited resumes/applications.
If you would like more information about this role, please contact Qualcomm Careers.