Product Security Engineer

About
An established engineering organisation operating within the Defence sector is looking for an experienced Project Security Manager to support multiple projects across the full product lifecycle.
This role is critical in ensuring Secure by Design (SbD) principles are embedded throughout product development and that security assurance activities meet customer, regulatory, and Defence security requirements. You will work closely with engineering, product development, quality, and project teams to manage security risks and deliver required security documentation and processes.
Key Responsibilities

• Conduct project security risk assessments and security analysis
• Ensure security deliverables and processes are produced in line with customer and regulatory requirements
• Develop, implement, and maintain product security policies and best practices
• Support bid and proposal activities, including security resource and manpower estimates
• Chair internal and external project security reviews and working groups
• Maintain security artefacts throughout the product lifecycle
• Provide additional support to the wider supportability function when required

Essential Skills & Experience

• Experience in project security planning and implementation (e.g. NIST 800 series)
• Experience producing security documentation using Secure by Design principles
• Background in security and information assurance (e.g. CESG Good Practice Guides)
• Experience conducting security risk assessments (e.g. NCSC methodologies)
• Strong written and verbal communication skills
• Highly organised, collaborative, and able to work autonomously
• Proficient in Microsoft Office
• Eligible for SC UK Security Clearance

Desirable Skills

• Risk management
• DevSecOps
• Electromagnetic Compatibility (EMC)
• TEMPEST
• Familiarity with Defence security standards (e.g. JSP 440, Def Stan 05-138 / 05-139, SPF)
• Previous experience within Defence, MoD, or a regulated security environment