Chief Product Security Engineer

Leonardo, Southampton, England, United Kingdom

Join to apply for the Chief Product Security Engineer role at Leonardo

Leonardo, Southampton, England, United Kingdom

1 day ago Be among the first 25 applicants

Join to apply for the Chief Product Security Engineer role at Leonardo

Get AI-powered advice on this job and more exclusive features.

The opportunity:

Job Description

The opportunity: At Leonardo, we have a fantastic opportunity for a Chief Product Security Engineer to join our team within the Customer Support and Service Solutions (CS3) line of business. CS3 operates across the UK, providing innovative and invaluable support solutions to our customers. We help to ensure the availability of front-line capability wherever and whenever required.

We are looking for an experienced product security practitioner with expertise in developing and maintaining robust product security management systems for defence and government customers.

Within CS3, the term 'product' can include both in-service equipment and the support solutions/services provided to customers, which are developed. The Chief Product Security Engineer will be responsible for ensuring that all security aspects of the design, development, verification, and maintenance of this range of products, through all phases of their lifecycle, are completed in accordance with policy and process. They will work closely with development teams to provide guidance on security controls.

What you’ll do as a Chief Product Security Engineer:

1. Provide security advice and support to product development teams, including deriving security requirements, undertaking security risk assessments, preparing mitigation plans, reviewing security management plans, maintaining security policies, producing security metrics, managing attendance at external security forums, supporting the Security Special Interest Group, and leading security incident management teams during crises.
2. Maintain and monitor security processes and competence frameworks, assess security competence, chair and maintain a security Community of Interest, promote security awareness, and train engineering teams on security frameworks, policies, and processes.

Candidate requirements:

• Experience in developing security risk management systems for diverse products/services, complying with customer, regulatory, and legislative standards.
• Knowledge of legislation such as IPA, DPA, Official Secrets Act.
• Registered NCSC Certified Professional at lead level or equivalent qualification.
• Understanding of UK/NATO IA standards, HMG Security Policy Framework, ISO security standards, RTCA DO326A.
• Experience with incident investigation, NCSC and Common Criteria evaluations, cryptography, key management, and COMSEC.
• Ability to identify future security needs, deliver training, and present awareness sessions.
• Understanding of product security implications for safety, effective communication skills, and experience in regulatory compliance like MAA DAOS, ARP4754.
• Knowledge of operational security risks, innovative security management, and familiarity with UK Government or NATO advisory boards.
• Active membership in external security groups or forums.

Security Clearance: Must be eligible for full security clearance. For details, visit: UK Security Vetting Levels

Life at Leonardo: We offer a comprehensive benefits package, learning opportunities, flexible working, private healthcare, pension schemes, wellbeing support, lifestyle discounts, training via Coursera, referral incentives, and bonuses.

Leonardo is a global high-tech company in Aerospace, Defence, and Security, headquartered in Italy, with over 45,000 employees worldwide, including 8,000 in the UK.

We value diversity and inclusion, fostering a culture where everyone can thrive and feel safe.

This is an excellent opportunity to contribute your skills and grow with Leonardo. Join us and help shape our future.

Primary Location: GB - Bristol - Coldharbour Lane

Additional Locations: GB - Basildon, Edinburgh, Luton, Newcastle, Southampton

Contract Type: Hybrid Working

• Mid-Senior level

• Full-time

• Information Technology

• Defense and Space Manufacturing