Principal Engineer - Product Security

Rate: £63.21 PAYE / £85.40 UMB
Duration: 12 months (long-term potential)
Location: multiple site locations available (approx. 2.5 days on site per week)
Hours: 37 per week, early finish Friday possible
Start: ASAP
Clearance: Must be eligible for UK Security Clearance
IMPORTANT: Candidates previously interviewed or rejected under role V05235 must not be resubmitted.

We are seeking a highly skilled Principal Engineer - Product Security to join the Product Security Engineering (PSyE) team, supporting industry-leading submarine programmes. This position acts as a central point for security, assurance, and information risk, ensuring that submarine systems and products are delivered, operated and supported securely throughout their lifecycle.

You will apply deep technical expertise to advise stakeholders, shape security strategy, undertake risk assessments, support secure system development, and ensure compliance with MOD, government and internal security standards.

This is a rare opportunity to influence major new IT and submarine-related projects-ideal for candidates with experience in cyber-physical environments and complex defence systems.

• Provide expert Product Security advice to System Engineers, Technical Authorities and Engineering Managers.

• Analyse systems, architectures and concepts of use to identify threats and attack surfaces.

• Select, apply and promote appropriate Product Security techniques across programmes.

• Conduct and document information and product security risk assessments using recognised methodologies.

• Define and recommend controls aligned with MOD/government policies and good practice.

• Contribute to Product Security strategies, policies, guidance and secure development practices.

• Present risks and mitigation options to internal and external stakeholders.

• Support design reviews throughout the engineering lifecycle.

• Provide specialist input into RMADS, security documentation, verification plans, TNAs and incident management activities.

• Mentor junior engineers and contribute to continuous improvement.

Candidates will typically come from one or more of the following environments:

• Submarine or wider maritime IT projects

• Cyber-physical systems

• Functional safety-critical environments

• Complex change management environments

• New-build or greenfield IT programmes (not legacy-heavy background)

• Strong background in Product Security, Information Security or Cyber Engineering.

• Proven experience conducting security risk assessments and defining requirements.

• Ability to articulate risk, threats and controls to technical and non-technical stakeholders.

• Experience across the engineering lifecycle within defence, maritime or a related domain.

• Degree in a relevant STEM discipline (or equivalent experience).

• Chartered Cyber Professional (CCP/SIRA) - expected or able to achieve.

• Membership of a relevant professional institute preferred.