Enable job alerts via email!

Product Security Engineer

ZipRecruiter

Bristol

Hybrid

GBP 50,000 - 90,000

Full time

2 days ago

Be an early applicant

Boost your interview chances

Create a job specific, tailored resume for higher success rate.

Job summary

An innovative firm is seeking a Product Security Engineer to enhance the security of software and hardware products. This role involves embedding security practices throughout the product lifecycle, from design to deployment. You will conduct risk assessments, lead threat modeling exercises, and ensure compliance with key regulatory standards. If you thrive on solving complex security challenges and have a proactive mindset, this opportunity allows you to make a significant impact on critical technology projects in a collaborative environment.

Qualifications

Solid understanding of security frameworks like ISO 27001/2 and NIST.
Hands-on experience with Defence Standards and security testing tools.

Responsibilities

Performing product risk assessments and identifying vulnerabilities.
Leading threat modelling exercises and developing mitigation strategies.
Conducting security code reviews and ensuring a secure-by-design approach.

Skills

Security frameworks (ISO 27001/2, NIST 800)

Security testing tools and techniques

Communication skills

Problem-solving mindset

Experience with NIST standards

Job Description

Product Security Engineer

Location: Bristol Hybrid

Security Clearance: SC (Eligible for Clearance)

Are you passionate about building secure systems from the ground up?

We’re looking for a Product Security Engineer to play a key role in designing and safeguarding the next of software, hardware, and service products.

In this role, you will be responsible for embedding security throughout the product lifecycle — from initial design to deployment — by identifying vulnerabilities, conducting risk assessments, and guiding teams with secure development practices.

What You’ll Be Doing:

Performing product risk assessments and identifying vulnerabilities across platforms.
Collaborating with developers to integrate secure coding practices from the start.
Leading threat modelling exercises and developing mitigation strategies.
Conducting security code reviews and offering guidance to ensure a secure-by-design approach.
Ensuring products meet key regulatory standards (ISO 27001, NIST 800 series, JSPs, Def Stans).
Authoring vital security documentation, including RMADS and Security Assurance Documents.
Performing penetration testing and coordinating remediation efforts.

What You Bring:

A solid understanding of security frameworks such as ISO 27001/2, ISO 31000, NIST 800-30/37/53.
Hands-on experience with Defence Standards (JSPs, HMG, Def Stan 05-138/139).
Strong knowledge of security testing tools and techniques.
Excellent communication skills — able to explain complex risks and solutions clearly.
A proactive, problem-solving mindset with a high level of personal integrity and professional ethics.
Experience with NIST standards. (this is an absolute must)

You'll Succeed Here If You:

Thrive on solving complex problems with innovative, practical solutions.
Communicate clearly, confidently, and with empathy.
Are driven by quality, detail, and delivering secure products that exceed customer expectations.
Adapt well to pressure and enjoy working in fast-paced, multi-disciplinary environments.

This role reports directly to the Head of Product Security and offers an excellent opportunity to make a meaningful impact on critical technology projects. If you’re ready to play a pivotal role in shaping secure and resilient systems, we’d love to hear from you.

Get your free, confidential resume review.

or drag and drop a PDF, DOC, DOCX, ODT, or PAGES file up to 5MB.

Similar jobs