
Perhaps people new to the codebase (or the industry, or to life in general) are less likely to view existing constructs as obviously correct, and therefore more likely to point out flaws.



I think you are right. It definitely takes more than that, but you can be the smartest guy in the world and you won't discover many vulnerabilities if you assume certain components are "hallowed ground".

Apparently he thought of the Spectre-style vulnerabilities while reading through the Intel processor manuals[1]. How many established engineers would a) read through these reference manuals at all, and b) question the implementations described therein?

[1]: https://www.bloomberg.com/news/articles/2018-01-17/how-a-22-...


That's one reason big tech companies should allow easy inter-team transfers.


Also why you should give all the critical projects to interns.


New opinions are always suspected, and usually opposed, without any other reason but because they are not already common. ~John Locke



