Product Security Engineer (Greater Bristol Area)

Product Security Engineer

Location: Bristol Hybrid

Security Clearance: SC (Eligible for Clearance)

Are you passionate about building secure systems from the ground up?

We’re looking for a Product Security Engineer to play a key role in designing and safeguarding the next generation of software, hardware, and service products.

In this role, you will be responsible for embedding security throughout the product lifecycle — from initial design to deployment — by identifying vulnerabilities, conducting risk assessments, and guiding teams with secure development practices.

What You’ll Be Doing:

• Performing product risk assessments and identifying vulnerabilities across platforms.
• Collaborating with developers to integrate secure coding practices from the start.
• Leading threat modelling exercises and developing mitigation strategies.
• Conducting security code reviews and offering guidance to ensure a secure-by-design approach.
• Ensuring products meet key regulatory standards (ISO 27001, NIST 800 series, JSPs, Def Stans).
• Authoring vital security documentation, including RMADS and Security Assurance Documents.
• Performing penetration testing and coordinating remediation efforts.

What You Bring:

• A solid understanding of security frameworks such as ISO 27001/2, ISO 31000, NIST 800-30/37/53.
• Hands-on experience with Defence Standards (JSPs, HMG, Def Stan 05-138/139).
• Strong knowledge of security testing tools and techniques.
• Excellent communication skills — able to explain complex risks and solutions clearly.
• A proactive, problem-solving mindset with a high level of personal integrity and professional ethics.
• Experience with NIST standards. (this is an absolute must)

You'll Succeed Here If You:

• Thrive on solving complex problems with innovative, practical solutions.
• Communicate clearly, confidently, and with empathy.
• Are driven by quality, detail, and delivering secure products that exceed customer expectations.
• Adapt well to pressure and enjoy working in fast-paced, multi-disciplinary environments.

This role reports directly to the Head of Product Security and offers an excellent opportunity to make a meaningful impact on critical technology projects. If you’re ready to play a pivotal role in shaping secure and resilient systems, we’d love to hear from you.