Staff Product Security Engineer

The Staff Product Security Engineer will define and execute the product security strategy across a broad product lineup. The role is focused on embedding security-by-design principles from concept through post-market phases, building and mentoring a high-performing security team, and ensuring products meet the highest cybersecurity and regulatory requirements. This position requires strong leadership, technical expertise, and the ability to align security initiatives with organisational goals and customer needs.

• Lead and develop a high-performing Product Security team supporting multiple products within the business unit.
• Improve team effectiveness to minimise security risk and strengthen product resilience across the portfolio.
• Build a culture of accountability, innovation, and continuous improvement.
• Drive risk reduction and enhance product security using secure-by-design principles, threat modelling, and proactive vulnerability management.
• Collaborate cross-functionally with R&D, Quality, Regulatory, IT, and other teams to integrate security throughout the entire product lifecycle.
• Translate cybersecurity strategies into actionable plans aligned with enterprise objectives, regulatory requirements, and customer expectations.
• Track and report on security posture, using metrics and benchmarks to identify gaps and guide decision-making.
• Guide engineering teams in interpreting security requirements and implementing them in both new and existing products.
• Deploy software security controls and define product requirements in areas including encryption, authentication, logging, hardening, patch management, disaster recovery, and vulnerability monitoring.
• Conduct product security risk assessments, hazard analyses, and provide recommendations for remediation.
• Support the creation and management of Product Security documentation using standard documentation tools and systems.
• Facilitate technical design reviews and code analysis, providing clear, actionable feedback.
• Support development teams in preparing Incident and Vulnerability Management Plans and Product Security White Papers.
• Contribute to incident response activities and coordinate with other technical disciplines such as penetration testing, hardware engineering, systems, quality, and technical services.
• Ensure compliance with applicable development policies, software quality standards, and regulatory expectations.

• Bachelor’s degree in Computer Science, Computer Engineering, Electrical Engineering, or a related field, or equivalent professional experience.

• Minimum 5 years’ experience in IT security architecture, secure software development, systems design, and related technical domains.
• Experience leading or managing technical teams.

• Strong understanding of encryption algorithms and PKI solutions.
• Knowledge of security challenges and mitigation techniques for embedded devices.
• Experience with dynamic and static code analysis tools.
• Strong networking and network security knowledge, including common threats.
• Experience working within regulated environments and quality management systems.
• Proficiency with Microsoft Office and standard documentation tools.

• Excellent written and verbal communication skills.
• Ability to influence, collaborate, and drive alignment across multiple stakeholders.
• Strong work ethic and commitment to meeting project objectives.

This role requires primarily on-site collaboration, with an expected in-office presence of approximately four days per week. Remote or field-based arrangements may apply for certain positions.

All qualified applicants will receive consideration without regard to legally protected characteristics, including but not limited to race, colour, religion, sex, sexual orientation, gender identity or expression, age, national origin, disability, or veteran status.