Product Security Engineer

Product Security Engineer

Location: Bristol Hybrid

Security Clearance: SC (Eligible for Clearance)

The full job description covers all associated skills, previous experience, and any qualifications that applicants are expected to have.

Are you passionate about building secure systems from the ground up?

We’re looking for a Product Security Engineer to play a key role in designing and safeguarding the next generation of software, hardware, and service products.

In this role, you will be responsible for embedding security throughout the product lifecycle — from initial design to deployment — by identifying vulnerabilities, conducting risk assessments, and guiding teams with secure development practices.

What You’ll Be Doing:

• Performing product risk assessments and identifying vulnerabilities across platforms.
• Collaborating with developers to integrate secure coding practices from the start.
• Leading threat modelling exercises and developing mitigation strategies.
• Conducting security code reviews and offering guidance to ensure a secure-by-design approach.
• Ensuring products meet key regulatory standards (ISO 27001, NIST 800 series, JSPs, Def Stans).
• Authoring vital security documentation, including RMADS and Security Assurance Documents.
• Performing penetration testing and coordinating remediation efforts.

What You Bring:

• A solid understanding of security frameworks such as ISO 27001/2, ISO 31000, NIST 800-30/37/53.
• Hands-on experience with Defence Standards (JSPs, HMG, Def Stan 05-138/139).
• Strong knowledge of security testing tools and techniques.
• Excellent communication skills — able to explain complex risks and solutions clearly.
• A proactive, problem-solving mindset with a high level of personal integrity and professional ethics.
• Experience with NIST standards. (this is an absolute must)

You'll Succeed Here If You:

• Thrive on solving complex problems with innovative, practical solutions.
• Communicate clearly, confidently, and with empathy.
• Are driven by quality, detail, and delivering secure products that exceed customer expectations.
• Adapt well to pressure and enjoy working in fast-paced, multi-disciplinary environments.

This role reports directly to the Head of Product Security and offers an excellent opportunity to make a meaningful impact on critical technology projects. If you’re ready to play a pivotal role in shaping secure and resilient systems, we’d love to hear from you.