Principal Engineer - Product Security (Product Security Analyst)

Rate: 63.21 PAYE / 85.40 UMB
Duration: 12 months (long-term potential)
Location: multiple site locations available (approx. 2.5 days on site per week)
Hours: 37 per week, early finish Friday possible
Start: ASAP
Clearance: Must be eligible for UK Security Clearance

IMPORTANT: Candidates previously interviewed or rejected under role V05235 must not be resubmitted.

About the Role

We are seeking a highly skilled Principal Engineer - Product Security to join the Product Security Engineering (PSyE) team, supporting industry-leading submarine programmes. This position acts as a central point for security, assurance, and information risk, ensuring that submarine systems and products are delivered, operated and supported securely throughout their lifecycle.

You will apply deep technical expertise to advise stakeholders, shape security strategy, undertake risk assessments, support secure system development, and ensure compliance with MOD, government and internal security standards. This is a rare opportunity to influence major new IT and submarine-related projects, ideal for candidates with experience in cyber-physical environments and complex defence systems.

Key Responsibilities

- Provide expert Product Security advice to System Engineers, Technical Authorities and Engineering Managers.
- Analyse systems, architectures and concepts of use to identify threats and attack surfaces.
- Select, apply and promote appropriate Product Security techniques across programmes.
- Conduct and document information and product security risk assessments using recognised methodologies.
- Define and recommend controls aligned with MOD/government policies and good practice.
- Contribute to Product Security strategies, policies, guidance and secure development practices.
- Present risks and mitigation options to internal and external stakeholders.
- Support design reviews throughout the engineering lifecycle.
- Provide specialist input into RMADS, security documentation, verification plans, TNAs and incident management activities.
- Mentor junior engineers and contribute to continuous improvement.

Ideal Candidate Background

Candidates will typically come from one or more of the following environments:

- Submarine or wider maritime IT projects
- Cyber-physical systems
- Functional safety-critical environments
- Complex change management environments
- New-build or greenfield IT programmes (not legacy-heavy background)

Skills & Qualifications

- Strong background in Product Security, Information Security or Cyber Engineering.
- Proven experience conducting security risk assessments and defining requirements.
- Ability to articulate risk, threats and controls to technical and non-technical stakeholders.
- Experience across the engineering lifecycle within defence, maritime or a related domain.
- Degree in a relevant STEM discipline (or equivalent experience).
- Chartered Cyber Professional (CCP/SIRA) - expected or able to achieve.
- Membership of a relevant professional institute preferred.

Dec 02, 2025
Contractor

Cyber Security Supply Chain Analyst

Location: Remote
Contract: Inside IR35
Day rate: Up to £670 per day
Duration: 6 Months
Start date: ASAP
Key skills: Supply Chain, Risk Management, TPRM process, NCSC CAF framework

We have an opportunity with one of the UK's biggest retailers, who have a network of branches nationwide. MI & Data Automation Analyst, you will play a pivotal role in delivering intelligent automation solutions, integrating multiple Microsoft technologies, and driving real business value.

The Cyber Security Supply Chain specialist will work with the CISO function and wider business functions responsible for facilitating supplier onboarding, operational management and offboarding activities, to review, establish and drive adoption of a revised target operating model for supplier security risk management. The goal is to ensure that the Client has a robust and continually managed enterprise-wide supplier cyber risk assessment process to reduce exposure to potential compromise of security, compliance or operational integrity of its supply chain.

Principal accountabilities:

- Key point of contact and subject matter expertise for third-party risk guidance
- Oversee the review of target supply chain risk assessment processes, establishing agreed recommendations and operating model in accordance with the National Cyber Security Centre Cyber Assessment Framework principles
- Produce and communicate artefacts associated with the above, such as detailed reports and processes
- Help facilitate the adoption of target supply chain cyber risk assessment processes within CISO function, including optimisation of any associated software tooling

Knowledge, experience and skills:

- Demonstrable experience leading TPRM process maturity reviews
- Understanding of best practice supply chain principles, ideally aligned to the NCSC CAF framework (CAF A4)
- Operated as a subject matter expert within transformation projects/programmes
- Report writing and delivery at all levels
- Ability to bring disparate groups together to work in teams
- Excellent communication and facilitation skills, with the ability to translate technical information into actionable business language for communications with key stakeholders
- Experience utilising TPRM software to initiate and track supplier cyber risk assessments (such as Risk Ledger)
- Cyber Security related certification such as CRISC, GIAC, CISM, CISSP desirable

Dec 02, 2025
Contractor

Principal Product Security Engineer

6 Month Contract
Frimley Based
£85.40 an hour Umbrella
Inside IR35

This is a great opportunity to work within one of the UK's leading Defence companies based in Frimley.

Knowledge, Skills and Qualifications

Knowledge: The PSA Principal Engineer will have a good understanding of the applicable regulations, standards, policies and guidance on information risk managemen

Dec 01, 2025
Contractor