Title: Product Security Lead (Contract)
Sector: Defence & Mission‑Critical Engineering
Location: Marlow
Rate: Inside IR35
We're supporting a leading organisation in the defence engineering sector to secure an experienced Product Security Lead for a mission‑critical development programme. This is an opportunity to own the end‑to‑end implementation of US DoD‑driven cyber requirements, guiding multidisciplinary engineering teams and acting as the programme's cyber technical authority.
What You'll Be Doing
Leading compliance against DoD, DFARS, NIST SP 800‑171 and DISA STIGs
Driving cyber assurance across firmware, embedded systems, RTOS and STE
Owning cyber artefacts including SSP, POA&M, IR plans and configuration baselines
Implementing a fully compliant NIST 800‑171 development environment
Conducting threat modelling, vulnerability assessments and secure design reviews
Providing hands‑on guidance for secure coding, cryptography, hardening and CUI handling
Acting as the interface with US primes and DoD cybersecurity representatives
What You'll Bring
Strong background in cyber security within defence, aerospace or regulated engineering
Demonstrable experience delivering NIST 800‑171 and STIGs on real products
Secure development knowledge for embedded and firmware‑based systems
Ability to lead cyber work packages and influence cross‑functional engineering teams
Eligibility to work with ITAR‑controlled projects and CUI
What's on Offer
Flexible working (2/3 days onsite per week)
Long‑term programme with strong extension potential
Opportunity to shape the cyber posture of a high‑value defence system
If you're an experienced defence‑sector cyber contractor looking for your next challenge, I'd love to speak with you.