Product Cyber Security Lead

Copello
High Wycombe, Buckinghamshire, United Kingdom
3 weeks ago
Job Type
Contract
Work Pattern
Full-time
Work Location
Hybrid
Seniority
Lead
Security Clearance
Required
Posted
8 Jun 2026 (3 weeks ago)

Copello are looking for Product Cyber Security Lead to join an organisation in the Buckinghamshire area on an initial 12 month contract.

The Cyber Security Lead will assist with the end‑to‑end implementation of US Department of Defense (DoD) cyber security requirements for a mission‑critical product development programme.

Key Responsibilities

1. Cyber Requirement Implementation

* Interpret and implement US Government‑flowed cyber and information‑assurance requirements across the product lifecycle.

* Ensure compliance with the following (non‑exhaustive) set of standards and contractual flows:

* DoD 8140.01 (cyber workforce qualification)

* NIST SP 800‑171 (CUI protection)

* DI-IPSC‑82249, DISA STIGs, DI‑MGMT‑82191, DI-MISC‑80508

2. Product and Engineering Assurance

* Define and maintain the programme Cyber Security Plan, including CUI handling, secure development practices and compliance evidence.

* Lead cyber risk assessments, threat modelling and vulnerability assessments for embedded systems, software, firmware and Special Test Equipment (STE).

* Guide teams on secure coding, static/dynamic code analysis, secure configuration, hardening baselines, cryptographic controls and data‑at‑rest/data‑in‑transit protection.

* Ensure firmware, embedded applications and STE conform to defined security controls, logging, access control and audit requirements.

3. Programme Execution

* Own the cyber schedule, deliverables and risks within the programme.

* Drive timely completion of artefacts required for customer acceptance, including SSPs, POA&Ms, incident response plans, configuration baselines and security test evidence.

* Coordinate with US prime/DoD representatives on security clarifications and compliance submission.

4. Governance and Compliance

* Implement a compliant environment for development, test and integration, aligned to NIST 800‑171, DFARS, STIGs and applicable ITAR/Export Control constraints.

* Ensure cyber incident reporting processes are in place and tested per DFARS 252.204‑7012.

* Support internal audit, external customer audit and formal assessment activities.

5. Technical Leadership

* Provide expert coaching to firmware, software, systems and STE engineers.

* Ensure cyber requirements are correctly decomposed, allocated and verified.

* Act as the technical authority for all product cyber security matters on the programme.

Required Qualifications and Experience

Essential

* Extensive cyber security experience in defence, aerospace or other mission‑critical regulated environments.

* Strong understanding of secure development for embedded systems, firmware, RTOS platforms and bespoke STE.

* Demonstrable experience implementing NIST SP 800‑171, DoD cyber requirements, and DISA STIGs on hardware/software products.

* Experience producing and maintaining programme‑level cyber security documentation and compliance evidence.

* Ability to lead cyber work packages and influence multi‑disciplinary engineering teams.

* Eligibility to work with ITAR‑controlled and Controlled Unclassified Information (CUI).

The role will require the candidate to be based onsite 4 days a week. The role will also require SC or eligibility for SC clearance.

This role is offering a flexible hourly rate dependant on experience and will be INSIDE IR35

Related Jobs

View all jobs

Senior Application Security Engineer - DevSecOps & Cloud Security

Additional Resources London, United Kingdom
£70,000 – £80,000 pa Hybrid

Senior Application Security Engineer - DevSecOps & Cloud Security

Additional Resources Ec1N2Ll, EC1N 2LL, United Kingdom
£70,000 – £80,000 pa Hybrid

Product Security Engineer (we have office locations in Cambridge, Leeds & London)

Genomics England London, United Kingdom

Cyber Security Engineer - Incident Response & Crisis Simulation within UK

Immersive United Kingdom
Remote

Head of Product Security – CISO function - BPL

Barclays London, E14 5RB, United Kingdom
Hybrid Clearance Required

Senior Solutions Architect (Cyber Security)

Hirecracker London, United Kingdom
£110,000 – £130,000 pa Hybrid Clearance Required

Industry Insights

Discover insightful articles, industry insights, expert tips, and curated resources.