Lead Security Engineer (contract), Watford, Hertfordshire
Client: CBSbutler
Location: Watford, Hertfordshire, United Kingdom
Job Category: Other
EU work permit required: Yes
Posted: 06.06.2025
Expiry Date: 21.07.2025
Job Description:
Lead Security Engineer
* 12-month minimum contract
We are seeking an experienced Lead Security Engineer with expertise in developing and maintaining product security management systems for defence and government customers.
This position reports to the Head of Engineering Projects and is responsible for all security aspects of product design, development, verification, and maintenance throughout the product lifecycle.
The role involves conducting security risk assessments, preparing mitigation plans, deriving security requirements, and working with development teams to implement security controls and produce security artefacts.
Key Responsibilities:
* Producing Security Management Plans, work package descriptions, and cost estimates for bids and proposals.
* Conducting security risk assessments, mitigation plans, gap analysis, and supporting system accreditation.
* Defining security requirements, advising on standards, and overseeing development activities.
* Liaising with Security Accreditors and Assurance Coordinators for accreditation.
* Preparing Protection Profiles, Security Targets, Evaluation Plans, and liaising with evaluation teams.
* Preparing TEMPEST Control Plans and advising on implementation techniques.
* Supporting platform lockdown, configurations, penetration testing, and remedial actions.
* Managing product security throughout its lifecycle, including vulnerability and patch management.
* Leading security incident management during crises.
Candidate Requirements:
* Experience with security solutions for military and/or commercial products.
* Senior-level NCSC certification or recognized qualification (e.g., ISC2 CISSP).
* Knowledge of UK/NATO standards, ISO27000, NIST, JSP standards, and guidance from NCSC, CPNI, NIST.
* Experience producing Security Accreditation documentation.
* Knowledge of security evaluation techniques like NCSC and Common Criteria.
* Understanding of current cryptography technologies and key management.
* Knowledge of Model-Based System Engineering (MBSE).