Lead Product Security Engineer
Location – Flexible, can be based across the South of the UK with 1-day a week on-site across multiple locations.
The Company:
We are proud to be partnered with one of the world’s leading organisations within Electronic Warfare, with over 100-years history providing the latest technological advances to military customers in the UK and further afield.
This is a great opportunity to work on critical programmes in EW and Future Combat Air Systems, where you will take the lead on safety-critical Product Security.
Key Skills:
* Experience of Product Security
* Working in a complex safety-critical engineering environment
* Understanding of the Systems Development Lifecycle / V-Models
* Ideally Electronics experience but can consider other complex product development backgrounds
* Technical leadership experience, including mentoring and development skills
* Understanding of cyber security and cyber resilience
Company Benefits:
* Flexible salary depending on level to be discussed on application
* Annual bonus scheme
* Industry leading pension scheme – up to 15% employer contribution (based on 8% employee contribution). Please see table below.
* Life assurance – 4x annual salary if you have opted into the pension scheme
* Flexi leave – 12 flexi days a year for additional hours worked
* Annual leave – 25 days plus public holidays
* Hybrid working schedule with 1-day a week on-site with occasional UK travel
* Flexible benefits - £500 per year for employees to select their own benefits (ie. private medical insurance, dental insurance etc)
Job Description:
* Experience of owning a security risk management system
* Regulated industry experience in aerospace, nuclear, automotive, rail or oil & gas;
* People management, mentoring and development skills
* Practical experience of the System Development Life Cycle, Software Development Life Cycle, Spiral, V-Models and Agile frameworks;
* The ability to understand complex engineering processes and the inter-dependency of the process components;
* A passion for promoting and improving the safety and security of complex systems.
* Broad breadth of engineering experience in order to be able to review project demands and advise on resourcing needs, development, delivery plans and structures.
* Familiarity with the application of cyber resilience controls to embedded systems
It would be desirable, but not essential, if you also had one or more of:
* Practical experience of ISO27001/27004/27005 or NIST Risk Management Framework (RMF);
* Knowledge of UK/NATO Information Assurance/Accreditation frameworks;
* Knowledge of EASA/FAA Airworthiness Certification frameworks;
* Awareness of current crypto technologies, Key Management Systems & practical COMSEC;
* Awarded or looking to achieve an NCSC Certified Cyber Professional (CCP) recognition;
* Awareness of Information Security (INFOSEC), Communications Security (COMSEC), Transmission Security (TRANSEC), Product Safety and their inter-relationship
* Familiarity with incident investigation and implementation of an investigation process such as used by the Air Accidents Investigation Branch (AAIB);