Principal Security Engineer

The Role: Synoptix are expanding their Cyber Security capability by applying it to Systems Thinking, allowing for delivery of Cyber Security Solutions to both defence and commercial clients.

We are looking for a technically strong, client-focused Principal Security Engineer to support the development, implementation, and assurance of secure system architectures and solutions. This role sits within our Secure by Design capability and supports both internal development projects and external client engagements. Working alongside the existing team, contributing to security requirements definition, risk assessments, technical security design, and security documentation for both internal platforms and client systems.

Dynamic Working: A blend of home and office-based working is encouraged.

• Lead and Deliver Cyber Security work packages to clients, this includes applying Systems Engineering methodologies into Cyber solutions.
  • Risk identification and management
  • Requirements Capture
  • Validation
  • Verification
• Be responsible for the technical content of client deliverables, for example.
  • Security Management Plans
  • Security Case Report following Secure by Design through life principals
  • Verification Plans
  • Validation Test Schedules and Reporting
  • Penetration Test Remedial Action Plans
• Managing Risk Appetite and Risk Analysis Assessments
• Support the Sales and Business Development team in winning work through the generation of proposals and support to client meetings.
• Represent Synoptix at conferences, symposia, and trade shows.
• Lead Cyber security related research programmes with Academia.
• Represent the client and Synoptix at both internal and external customer facing security working groups.
• Delivering Key Management in accordance with agreed management plans.
• Assist in the further development of the Synoptix Cyber security capability.

• Knowledge of Secure by Design principles
• Experience in system security engineering, ideally in defence, space, or critical infrastructure
• Familiarity with MOD, NCSC, and ISO standards (e.g. ISO 27001/2, NIST 800-series, JSP 604)
• Competence in requirements engineering and systems thinking
• Practical experience with security in software and/or system development environments
• Effective communication and report-writing skills
• Ability to work independently as well as collaboratively within multidisciplinary teams

• CISSP, CISM, or relevant NCSC-certified qualifications
• Experience with model-based systems engineering (MBSE)
• Experience supporting formal security assurance processes
• Understanding of space system architectures or satellite communications
• DevSecOps awareness or experience with security automation

• Annual Company Bonus
• 25 Days holiday not including bank holidays with the option to buy/sell up to 5 days
• Competitive pension contribution
• Continuous professional development including incentives
• Access to online Udemy training facility
• Flexible working arrangements
• Bike to work scheme
• Electric car scheme
• Private health care
• Job well done scheme

Please note that due to the nature of our projects we can only accept Sole UK National candidates who will need to be eligible to obtain UK Security Clearance.

By applying for this position, you are confirming that you consent to the retention of your personal data. Your data is held securely on our own premises and under the terms of the Data Protection Act (2018). It will be treated as confidential, and will not be transferred to any third party, or to any other jurisdiction without your consent. We will not hold any data for any longer than is necessary for us to fulfil our obligations and will remove any data at your written request.