Overview
Head of Product Security Capability (UK) at Leonardo. Location: hybrid working across UK sites including Edinburgh, Luton, Basildon, Southampton, Newcastle, Bristol and Lincoln. The role is in the Electronics division (LEUK) and coordinates product cyber resilience activities to ensure continued product compliance with internal and external cyber security standards. You will work with the senior leadership team within Product Security across all lines of business and have responsibility for the Electronics UK Product Security and Information Management System, security tools and processes and their effectiveness. You will also lead the Product Compliance Team Product Security Working Group. Internal applicants should note that the internal job title for this role is Product Cyber Resilience Officer.
Responsibilities
* Partner with technical and business functions across LEUK, including Engineering, Manufacturing, Customer Support, Physical Security and Information Technology, to ensure continued compliance with internal and external cyber security standards specified by national security authorities or international bodies, and with cyber security requirements expressed by customers.
* Maintain the Electronics Product Security and Information Management System, security tools and processes.
* Liaise with external Security Accreditors and Security Assurance Coordinators in support of security accreditation.
* Regularly refresh knowledge of security legislation in the UK, EU and relevant markets for LEUK.
* Advise internal stakeholders to promote security culture and work with security teams to ensure secure working practices are adhered to.
* Develop and deliver training courses and present on Product Security and Information Assurance matters.
* Perform audits of internal and external subcontract teams to assure that security and Information Assurance requirements are achieved.
What you’ll bring
* Hands-on experience developing a robust security risk management system for complex products and high-integrity electronic systems in line with customer, regulatory and legislative expectations.
* Familiarity with current legislation (e.g., IPA, DPA, Official Secrets Act).
* Registration with NCSC Certified Professional at lead level, or equivalent NCSC-recognised qualification.
* Knowledge of UK/NATO Information Assurance standards, procedures and systems, including HMG Security Policy Framework, ISO security standards, DO326A.
* Familiarity with incident investigation processes and how to implement an investigation process.
* Practical experience of NCSC and Common Criteria security evaluation techniques and requirements up to High Grade.
* Knowledge of current cryptographic technologies, Key Management Systems and practical COMSEC implementations.
* Background in the design and implementation of high-integrity complex electronics (e.g., software to DO178C, complex electronics hardware to DO254).
* Understanding of regulatory requirements for products (e.g., MAA DAOS, ARP4754) and how to deliver and maintain products to meet them.
* Understanding of product operating concepts to identify and mitigate functional security risks.
* Knowledge of the role of advisory boards within the UK Government or NATO for security.
Security Clearance
This role is subject to pre-employment screening in line with the UK Government’s Baseline Personnel Security Standard (BPSS). An additional range of National Security Vetting (NSV) may apply, which could include eligibility for Security Check (SC) or Developed Vetting (DV). For more information, visit https://careers.uk.leonardo.com/gb/en/security-and-vetting
Why join us
* Time to Recharge: generous leave with the opportunity to accrue up to 12 additional flexi-days each year.
* Secure your Future: pension scheme with up to 15% employer contribution.
* Your Wellbeing Matters: access to mental health support, financial advice, and employee networks championing inclusion and diversity.
* Rewarding Performance: eligible for our bonus scheme.
* Never Stop Learning: access to 4,000+ online courses via Coursera and LinkedIn Learning.
* Refer a friend: financial reward through our referral programme.
* Tailored Perks: flexible benefits including private healthcare, dental, family cover, discounts, gym memberships and more.
* Flexible working: hybrid options. For part-time opportunities, discuss possibilities.
Location and contract
Primary Location: GB - Bristol - Others
Additional Locations: GB - Basildon, GB - Edinburgh, GB - Lincoln, GB - Luton, GB - Newcastle, GB - Southampton
Contract Type: Permanent
Hybrid Working: Hybrid
Details
* Seniority level: Director
* Employment type: Full-time
* Job function: Information Technology
* Industries: Defense and Space Manufacturing, Aviation and Aerospace Component Manufacturing, and Computer and Network Security