Principal Security Consultant

Leonardo SpA

Yeovil

Hybrid

GBP 70,000 - 90,000

Full time

4 days ago

Job summary

Join a leading company as a Principal Consultant in Cyber & Security Solutions. You will lead a team ensuring the security of products throughout their lifecycle. This role offers hybrid working and a comprehensive benefits package, including private healthcare, flexible hours, and a generous pension scheme.

Benefits

Private Healthcare
Dental Benefits
Go Green Car Scheme
Cycle to Work
Online Courses via Coursera

Qualifications

  • At least two recognized professional cyber security certifications.
  • Experience with risk assessments and threat modeling.

Responsibilities

  • Lead a team to deliver cyber security across the engineering lifecycle.
  • Manage customer relationships for the cyber security workstream.

Skills

Communication
Risk Management
Client Relations
Teamwork

Education

Degree in Cyber Security
Master's in Systems Engineering

Tools

NIST SP 800
MOD Standards

Job description

The opportunity:


Leonardo UK is seeking a proven and experienced Principal Consultant to join the Cyber & Security Solutions Division team. This role focuses on delivering one of the company's core products to an existing customer. You will lead a team overseeing, coordinating, and delivering all aspects of cyber and information security throughout the engineering lifecycle—from requirements to in-service support and maintenance.


This is an exciting opportunity at the start of a significant programme, ensuring the product and its deliverables are secure and meet customer requirements and risk appetite. You will be supported by a larger consulting team, engineers, and product domain specialists.


Work at Leonardo UK involves solving customer problems in an agile, innovative, and team-centric manner. The role may involve a hybrid working model, combining remote work and on-site presence at one of our offices or with customers.


Talk to us to find out more.


What you'll do as a Principal Security Consultant:
  • Lead a team to meet all aspects of cyber and information security delivery across the engineering lifecycle.
  • Interpret customer requirements into actionable security management plans, statements of work, and activities.
  • Become the lead security SME for the product being delivered.
  • Oversee and deliver statements of work and artefacts within time, cost, and quality constraints.
  • Identify, manage, and escalate technical and delivery risks and issues.
  • Manage customer relationships for the cyber and information security workstream, both internally and externally.
  • Line management and mentoring of consultants within your team as required.

What we need from you:

In addition to a passion for cyber and information security, ideally you need to have:


Skills:
  • Ability to work independently without supervision and make sound decisions based on available facts.
  • Excellent written and verbal communication skills at all levels, both internally and with customers.
  • Core consulting skills—building client relations, adaptability, reliability, quality, flexibility in working hours and locations, and being a team player.
  • Managing risks and services in accordance with customer, regulatory, and legislative expectations.

Qualifications:
  • A degree and/or master's in cyber security or a systems/software engineering discipline, or relevant experience.
  • At least two recognized professional cyber security certifications such as CISSP, CISM, CASP/SecurityX, or Chartership or comparable in a security discipline (e.g., ChCSP).

Knowledge and Experience:
  • Understanding of MOD accreditation and secure by design processes (ISN2023/09) and associated policies across the lifecycle.
  • Experience applying standards like NIST SP 800-30, 37, 53, and RTCA-DO-326A/B, 355A, 356A.
  • Knowledge of Defence security standards such as Defstan 05-138 & 05-139.
  • Experience with proprietary and open-source software, firmware, and hardware security.
  • Developing, evaluating, and analyzing design constraints and security designs related to the cyber domain.
  • Decomposing cyber and security requirements to system control levels.
  • Conducting risk assessments, threat modeling, vulnerability analysis, and mitigation strategies.
  • Managing security verification, validation, and remedial plans.
  • Coordinating with engineers, architects, and developers to guide secure solutions and configurations.

Desirable:
  • Understanding of the engineering lifecycle and key gate review activities.
  • Knowledge of current cryptographic technologies, Key Management Systems, COMSEC implementations, and MOD/NCSC standards.
  • Experience with ARP4754A/ARP4761 and their relation to security.

Security Clearance

You must be eligible for full security clearance. For more info, visit: https://www.gov.uk/government/publications/united-kingdom-security-vetting-clearance-levels


Life at Leonardo

With a comprehensive benefits package, commitment to learning, and flexible working hours, a career with Leonardo offers many opportunities for growth.

  • Flexible Working: Hybrid options available.
  • Benefits: Private healthcare, dental, Workplace ISA, Go Green Car Scheme, tech and lifestyle allowances (£500/year).
  • Holidays: 25 days plus bank holidays, with options to buy/sell leave and accrue up to 12 flex days.
  • Pension: Up to 15% employer contribution.
  • Wellbeing: Employee Assistance Programme, mental health support, financial wellbeing, diversity & inclusion initiatives.
  • Other Perks: Cycle to work, online courses via Coursera, referral rewards, management bonuses.

For full benefits, visit our website.

Leonardo is a global high-tech company in Aerospace, Defence, and Security, with over 45,000 employees worldwide, including 8,000 in the UK.

The Cyber & Security Division (CSD) is a key innovator, supporting digital transformation and security across civil and defence markets. Our Cyber Consulting Practice, part of CSD, works across sectors including Defence, Telecoms, Energy, and Finance, and is certified by the UK NCSC.

We value diversity and inclusion, fostering a culture where everyone can thrive and feel safe.

This is an excellent opportunity to contribute your talents and grow with Leonardo. Join us!


Primary Location: GB - Yeovil - Lysander Rd


Additional Locations: GB - Bristol - Coldharbour Lane


Contract Type:


Hybrid Working: Yes
