Product Security Engineer

An exciting opportunity has arisen with a highly adaptable and innovative Surrey, UK-based defence engineering organisation, specialising in advanced technology solutions across complex and secure environments. The company is seeking a Product Security Engineer to play a pivotal role across the full product development lifecycle - from early-stage design through to in-service support - ensuring robust security assurance in line with Secure by Design (SbD) principles).

As a Product Security Engineer, you will work across multiple projects, collaborating with engineering, product development and quality teams to embed security best practices throughout the lifecycle. You will focus on minimising cyber vulnerabilities and reducing the risk of system misuse or exploitation, ensuring all security deliverables meet stringent customer and regulatory requirements.

Key Responsibilities for the Product Security Engineer based in Surrey:

• Conduct security risk assessments (e.G. NCSC methodologies)
• Develop and deliver security artefacts in line with customer requirements
• Implement Secure by Design (SbD) principles across projects
• Support bids with security planning and estimates
• Lead and contribute to security reviews and working groups
• Collaborate with engineering and product teams throughout the lifecycle

Key skills & experience required for the role of Product Security Engineer based in Surrey

• Experience in project security planning and implementation (e.G. NIST 800 series).
• Strong background in Secure by Design principles and security-focused documentation.
• Experience in Information Assurance frameworks (e.G. CESG Good Practice Guides).
• Proven capability in security risk assessment (e.G. NCSC methodologies).
• Excellent communication and documentation skills.
• Collaborative team player with the ability to work autonomously.
• Adaptable and agile in response to changing project requirements.
• Highly competent in Microsoft Office and general IT systems.
• Eligible for UK Security Clearance (SC).

Desirable: Defence / MoD experience, DevSecOps, EMC/TEMPEST, knowledge of Defence Standards

Benefits:

• Hybrid working (usually 2 days a week in the office) plus flexible working (core hours)
• Paid overtime or TOIL (up to 24 extra days)
• Private medical care & competitive pension
• Christmas shutdown
• Training & development opportunities
• Gym benefits, tech schemes & relocation support

This is a fantastic opportunity to join a forward-thinking engineering business offering varied, career-enhancing work across secure and complex projects.

To apply please send your CV to (url removed), or for more information contact Chuck Lam on (phone number removed).