Lead Security Engineer

Our Cyber and Electromagnetic Activities (CEMA) department is championing interoperability with partners, allies, and NATO to get the right information to the right place at the speed of relevance.

CEMA is currently recruiting for a highly motivated Lead Security Engineer to join their team. The role requires you to be based onsite at one of the following locations: Basildon, Southampton, Luton, or Bristol. Occasional travel to customers, suppliers, and other Leonardo sites in the UK and overseas will also be required.

As a Lead Security Engineer, you will provide Security Assurance to support product development and delivery, ensuring alignment with Secure by Design principles. You will oversee security protocols, tools, and practices to meet standards and legislation, working closely with Integrated Product Teams (IPT) and specialists from other disciplines (Software, Systems, Electronics) throughout the product lifecycle.

Responsibilities include:

• Providing independent Information Assurance (IA) assessments during design reviews and on artefacts.
• Contributing to the wider Product IA and Security community within Leonardo Electronics UK, influencing policies and guidance.
• Generating Security Management Plans, Risk Assessments, and Security Design documentation.
• Supporting Product Design Reviews and Security deliverables such as Product Integrity certificates and security cases.

What you’ll bring:

You should have experience managing security risks for highly regulated products based on recognized frameworks, with a good understanding of engineering development lifecycles and product security specialization.

• An engineering degree with at least 5 years’ experience in product security and relevant certifications (CISSP, CISM, or equivalent).
• Practical experience with risk management frameworks (NIST SP800-37, ISO27001).
• Experience with risk assessment processes (NIST SP800-30, ISO 27005).
• Knowledge of security controls (NIST SP800-53, ISO27002).
• Understanding of Secure by Design requirements (ISN 2023/09).
• Proven ability to write IA Technical Risk Assessments and manage them.
• Ability to interpret Penetration Test Reports and develop Remediation Action Plans.
• An awareness of UK Government Assurance Processes (JSP 440, DEFSTAN 05-139, CAF GovAssure).

This list is not exhaustive; we welcome candidates with varying experience levels. The most important qualities are a positive attitude and willingness to learn.

Security Clearance:

This role requires pre-employment screening in line with the UK Government’s BPSS. Additional vetting (NSV) such as Security Check (SC) or Developed Vetting (DV) may be necessary. More information can be found at: https://careers.uk.leonardo.com/gb/en/security-and-vetting

We offer a comprehensive benefits package supporting wellbeing, career growth, and work-life balance, including generous leave, pension scheme, mental health support, online learning, flexible benefits, and hybrid working options.

Leonardo is a global leader in Aerospace, Defence, and Security, with over 53,000 employees worldwide. We are committed to an inclusive and accessible workplace. If you require accessibility support during recruitment, please inform us.

Note: If you are not a passport holder of the country where the role is based, you may need a work permit. All applications should be submitted via the 'Apply now' button. Please do not include bank or payment details in your application.

Created on 16/07/2025 by TN United Kingdom