Social network you want to login/join with:
Lead Product Security Engineer, Southampton
Client:
Leonardo
Location:
Southampton, United Kingdom
Job Category:
-
EU work permit required:
Yes
Job Reference:
1df54b6f822a
Job Views:
10
Posted:
28.04.2025
Expiry Date:
12.06.2025
Job Description:
Job Description:
At Leonardo, we have a fantastic opportunity for a Lead Product Security Engineer to join our team within the Customer Support and Service Solutions (CS3) line of business. CS3 operates across the UK, providing innovative and invaluable support solutions to our customers. We help to ensure the availability of front-line capability wherever and whenever required.
We are looking for an experienced security engineer with expertise in developing and maintaining product security management systems for defence and government customers. The Lead Product Security Engineer will be responsible for all security aspects of product design, development, verification, and maintenance throughout the product lifecycle, including security planning, assessment, risk mitigation, and accreditation activities. The role involves working closely with product development teams to design, implement, and maintain security controls, providing technical advice within the area of product security.
* Work with customer security accreditors and SMEs to ensure product compliance with security policies and manage residual security risks.
* Produce Security Management Plans, work package descriptions, and cost estimates for bids and proposals.
* Conduct security risk assessments, create risk mitigation plans, perform gap analysis, and prepare accreditation documentation.
* Define security requirements, advise on implementation standards, and oversee development activities.
* Liaise with Security Accreditors and Assurance Coordinators for accreditation support.
* Prepare Protection Profiles, Security Targets, and Evaluation Management Plans; liaise with evaluation teams.
* Advise on platform lockdowns, configurations, and support penetration testing; analyze results and plan remediations.
* Manage security throughout the product lifecycle, including vulnerabilities and patches.
* Lead security incident management during crises.
* Support maintenance of security policies and recommend improvements.
* Deliver security training to engineering teams.
* Develop security solutions for military and/or commercial systems.
* Possess NCSC certification or recognized qualifications like ISC CISSP.
* Knowledge of UK/NATO standards, ISO27000, NIST, JSP standards, and guidance from NCSC, CPNI, NIST.
* Experience in security accreditation documentation and evaluation techniques.
* Knowledge of cryptography and key management.
* Familiarity with Model Based System Engineering (MBSE).
* Understanding of security controls for operating systems, firmware, and software.
* Awareness of emerging technologies including cloud, virtualization, and web-based solutions.
* Excellent communication skills for interacting with stakeholders.
* Positive attitude and ability to motivate others.
* Experience with Enterprise Security Architectures like SABSA and MODAF.
Security Clearance: Required
Life at Leonardo
Leonardo offers a funded benefits package, learning and development opportunities, and flexible working hours. Our benefits include private healthcare, dental schemes, workplace ISA, green car schemes, and a lifestyle allowance.
Holidays include 25 days plus bank holidays, with options to buy/sell leave and accrue additional flexi days. The pension scheme offers up to 15% employer contributions. We support wellbeing through assistance programs, mental health support, and diversity networks. Additional benefits include discounted gym memberships, cycle schemes, free online courses via Coursera, referral incentives, and bonuses for management-level employees.
#J-18808-Ljbffr