Security Engineer

Department: Engineering

Employment Type: Permanent - Full Time

Location: Bristol, UK

Compensation: GBP 55,000 - GBP 75,000 / year

We're building the UK's next generation engineering powerhouse, providing critical technology that strengthens national security and resilience. At Rowden, we design and integrate advanced systems that sense, connect, and protect data in challenging environments where quick decisions are vital. Our solutions are built to support mission critical operations in remote or high-pressure settings. Headquartered in Bristol (UK), we combine modern engineering methods with cutting-edge commercial technology to create adaptable, mission‑critical systems. We focus on solving the tough challenges that others overlook, ensuring our customers can operate effectively in an ever‑changing world.

As a Security Engineer at Rowden, you'll collaborate closely with the wider engineering team to design, implement, and maintain secure systems and infrastructure. You will be embedded within a delivery team(s) and work closely with the Technical Security Lead and external partners to assess risks, define security requirements, and ensure technical solutions are pragmatic, proportionate, and aligned with both business and customer needs.

Your focus will span both strategic and tactical aspects of security engineering. At a strategic level, you'll contribute to high‑level design and planning across areas such as secure network architecture, identity management, and cloud security. At a tactical level, you'll be hands‑on with implementation, working directly with systems, tools, and configurations to apply and validate security controls, troubleshoot issues, and support secure delivery. You'll collaborate with the wider engineering community to ensure agreed controls are effectively embedded, and that all systems are resilient, compliant, and aligned with current security standards.

This role is ideal for systems or software engineers with a foundational understanding of security controls, and we're committed to developing your expertise through formal and informal training. The ideal candidate will bring knowledge of threat modelling, secure system design, and compliance frameworks including NIST, ISO 27001, and DefStan 05-139. However, if you're still developing your understanding of these frameworks, please don't be discouraged, support and training will be provided to help you build confidence and capability.

While this role offers hybrid working options, it requires a minimum of 3 days per week on‑site at our Bristol HQ with occasional travel to customer sites.

Due to the nature of this role and the sensitivity of the work involved, applications are restricted to UK nationals. SC clearance is required (or ability to obtain) with DV being desirable. More information about security clearance is available here:

https://www.gov.uk/government/publications/united-kingdom-security-vetting-clearance-levels

• Implementing and maintaining system security controls and operating procedures, ensuring alignment with MOD and Rowden standards.
• Supporting the delivery of cyber security assurance activities, including documentation, testing, and reporting.
• Collaboration with project teams and external partners to deliver on agreed security deliverables and schedules.
• Participating in security risk assessments, threat modelling, and vulnerability management for cloud, software, and far‑edge deployments.
• Contributing to the security accreditation process, preparing evidence, managing asset registers and supporting audits as required.
• Assisting in the continuous improvement of security processes, incident response, and compliance monitoring.
• Engagement with supply chain partners to verify and assure security requirements throughout the capability lifecycle.
• Providing technical advice and hands‑on support to engineering teams, acting as a security champion within agile delivery teams.
• Representing Rowden in internal and external security forums.

• Proven experience in cyber security engineering, ideally within defence, government, or critical infrastructure environments.
• Strong understanding of Secure by Design, risk management, and MOD security standards.
• Hands‑on experience with cloud security, software assurance, and network security controls.
• Familiarity with security accreditation processes (e.g., RMADS, JSP 440/604, NCSC guidance).
• Ability to interpret and deliver against SOWs and SORs, working collaboratively with external assurance providers.
• Excellent communication skills, with the ability to explain complex security concepts to technical and non‑technical stakeholders.
• Strong analytical, documentation, and problem‑solving skills.

• Experience of tactical networked C4I systems, including Opnet.
• Knowledge of multi‑domain systems and cross‑domain solutions.
• Understanding of LOS & BLOS communication systems.
• Awareness of UK Government LETacCIS programmes and systems such as DSA, Morpheus, Trinity and Bowman.

• Extensive experience in software development environments and infrastructure delivery, with a solid engineering foundation, ideally in software engineering.
• In‑depth knowledge of Secure by Design principles and their application in secure systems architecture.
• Proficiency in securing cloud infrastructure, software, far edge networking, and integrated systems.
• Strong analytical and risk management skills, with a focus on continuous security improvement.
• Ability to work within cross‑functional teams to achieve secure, compliant solutions.

We are committed to building a flexible, inclusive, and enabling company. Our aim is to create a diverse team of talented people with unique skills, experience, and backgrounds, so please apply and come as you are! We also recognise the importance of flexible working and support this wherever we can. We typically operate a flexible, hybrid‑working model, with an average 3 days in the office each week (dependent on the role). We welcome the opportunity to discuss flexibility, part‑time working requirements and/or workplace adjustments with all our applicants.

Rowden is a Disability Confident Committed company, and we actively encourage people with disabilities and health conditions to apply for our roles. Please let us know your requirements early on so that we can make sure you have everything you need up front to help make the recruitment process and experience as easy as possible.

Finally, if you feel that you don't meet all the criteria included above but have transferable skills and relevant experience, we'd still love to hear from you!