Product Security Engineer
Are you an experienced security professional with a strong background in Information Assurance, Security by Design, and project security risk? Do you want to work on genuinely complex, high-stakes products in an environment where your expertise will be valued and your career actively developed?
We're working with a specialist, highly respected technology business to find a Product Security Engineer to join their team. This is a hybrid role with a minimum of 2 days per week on site — though the nature of the work means there will be weeks where full on-site presence is required.
This role is open to candidates ideally based in Surrey or Dorset.
Important: This role requires SC Security Clearance. Applicants must be UK nationals.
What you'll be doing:
→ Undertaking project security risk analysis and ensuring security deliverables are developed and delivered in line with customer requirements
→ Developing and implementing Product Security Policies aligned to SbD principles
→ Chairing internal and external project security reviews and working groups
→ Producing and delivering project documentation in line with Information Assurance frameworks
→ Contributing manpower estimates to the bid process
→ Working closely with engineering, product development and QA teams to embed security best practice throughout the product lifecycle
→ Supporting the wider Supportability function as required
What we're looking for — essential:
✔ Proven experience in project security planning and implementation (e.g. NIST 800 series)
✔ Experience delivering project documentation using Security by Design (SbD) principles
✔ Strong background in Information Assurance — RMADS, SbD documentation, CESG Good Practice Guides
✔ Experience in security risk assessment methodologies (e.g. NCSC)
✔ Able to work autonomously and adapt quickly to changing project demands
✔ Excellent communication, literacy, and MS Office skills
✔ SC cleared or eligible to obtain SC clearance
Nice to have:
★ Risk Management or DevSecOps experience
★ Knowledge of TEMPEST or Electromagnetic Compatibility
★ Familiarity with Defence Security Standards (Def Stan 05-138, 05-139, JSP440, Security Policy Framework)
★ Background in Defence, MoD, or serving military
What's in it for you:
Up to 24 additional holiday days per year via paid overtime or TOIL
Private medical care — access to 50+ private clinics and hospitals nationwide
Christmas closedown — most staff off from 24th December to 2nd January
Competitive employer-matched pension scheme
Company tech provided — laptop, mobile and home office equipment
Salary sacrifice schemes — bikes, tech and more
Gym discounts (plus onsite gym)
Flexible core hours: 09:30–12:00 & 14:00–16:00
Committed investment in training, upskilling, and career development
Relocation package available
This is a rare opportunity to join a business offering genuine vertical and lifecycle exposure — you shape the direction of your own career here.