National AI Awards 2025Discover AI's trailblazers! Join us to celebrate innovation and nominate industry leaders.

Nominate & Attend

Lead Product Security Engineer (contract)

CBSbutler
Bedford
1 week ago
Create job alert

Lead Product Security Engineer



  • £90 p/h (Inside IR35)
  • 12 month min contract
  • Luton, Bedfordshire - 90% onsite
  • Defence & Government



We are seeking to recruit an experiencedLead Product Security Engineerwith expertise in developing and maintaining product security management systems for defence and government customers.


This position will report to the Head of Engineering Projects and will take responsibility forall security aspects of product design, development, verification and maintenance through all phases of the product lifecycle.


The role will focus on undertaking security risk assessments for products, preparing security risk mitigation plans, deriving security requirements and working with product development teams to design, implement and maintain appropriate security controls and production of Product Security Artefacts.



Key Responsibility Areas: Lead Product Security Engineer



  • Production of Security Managements Plans, work package descriptions and cost estimates in support of product bids, services and proposals.
  • Undertaking security risk assessments, risk mitigation plans, mitigation gap analysis and preparation of security management documentation for system Accreditation.
  • Defining product security requirements, advising development teams on suitable implementation standards and techniques and overseeing product development activities.
  • Liaison with Security Accreditors and Security Assurance Coordinators in support of security accreditation.
  • Preparation of Protection Profiles, Security Targets and Evaluation Management Plans, and liaison with NCSC and commercial evaluation teams in support of evaluation activities.
  • Preparation of TEMPEST Control Plans, advising development teams on appropriate implementation techniques and liaising with TEMPEST test facilities.
  • Advising development teams on suitable platform lockdown and configurations, and supporting Penetration test activities. Analysing penetration test results and preparation of remedial action plans.
  • Prepare and implement through life support and maintenance for product security including vulnerability and patch management plans
  • Lead security incident management teams during incident/crisis situations in conjunction with Head of Product Security for EW/FCA



What we are looking for: Lead Product Security Engineer



  • Experience in the development of security solutions for a military &/or commercial products and systems.
  • Registered NCSC certified professional at senior level or above, or NCSC recognised qualification, e.g. ISC2Certified Information System Security Professional.
  • Knowledge of UK/NATO Information Assurance standards, procedures & systems, including Government Functional Standard GovS 007: Security, HMG IS1&2, ISO27000 series standards, NIST SP800 series standards, JSP440, JSP604, guidance material provided by NCSC, CPNI and NIST.
  • Practical experience of producing Security Accreditation documentation
  • Practical experience of NCSC and Common Criteria security evaluation techniques.
  • Knowledge of current crypto technologies and key management systems
  • Model Base System Engineering (MBSE) knowledge

Related Jobs

View all jobs

Lead Product Security Engineer (contract)

Product Security Engineer

Product Security Analyst

Lead Application Security Engineer

Lead IT Security Engineer (Zscaler)

Lead Security Engineer (OT)

National AI Awards 2025

Subscribe to Future Tech Insights for the latest jobs & insights, direct to your inbox.

By subscribing, you agree to our privacy policy and terms of service.

Industry Insights

Discover insightful articles, industry insights, expert tips, and curated resources.

Jobs Careers

Return-to-Work Pathways: Relaunch Your Cyber Security Career with Returnships, Flexible & Hybrid Roles

Re-entering the workforce after a career break can feel especially challenging in a fast-moving field like cyber security. Whether you stepped away for parenting, caregiving or another life chapter, the UK’s cyber security sector now offers a range of return-to-work pathways—from structured returnships to flexible and hybrid roles. These programmes value the transferable skills and resilience you’ve developed during your break, pairing you with mentorship, upskilling opportunities and supportive networks to ease your transition back into cyber security. In this article, tailored for parents and carers, you’ll discover how to: Understand the growing demand for cyber security talent in the UK Translate your organisational, communication and problem-solving skills into cyber security roles Tackle common re-entry challenges with practical solutions Refresh your technical knowledge through targeted learning Access returnship and re-entry programmes specific to cyber security Find roles that accommodate family commitments—whether hybrid, flexible or full-time Balance your career relaunch with caring responsibilities Master applications, interviews and networking in cyber security Draw inspiration from real returner success stories Whether you aim to return as an analyst, penetration tester, security engineer or compliance specialist, this guide will equip you with the steps and resources to reignite your cyber security career.

Jobs

LinkedIn Profile Checklist for Cybersecurity Jobs: 10 Tweaks to Supercharge Recruiter Engagement

In the ever-evolving realm of cybersecurity, having a LinkedIn profile that reflects both your technical prowess and threat-hunting acumen is vital. Organisations are on the lookout for professionals skilled in penetration testing, incident response, security architecture and compliance. With hiring managers scanning dozens of profiles daily, your profile needs to not just rank in searches but convey your expertise in safeguarding digital assets. This step-by-step LinkedIn for cybersecurity jobs checklist offers ten practical tweaks to supercharge recruiter engagement. Whether you’re an aspiring security analyst, a seasoned penetration tester or a chief information security officer aiming for board-level roles, these actionable optimisations will sharpen your LinkedIn presence and position you as a top infosec candidate.

Education

Part-Time Study Routes That Lead to Cyber Security Jobs: Evening Courses, Bootcamps & Online Masters

The frequency and sophistication of cyber-attacks have exploded in recent years, making cyber security one of the UK’s most in-demand skill sets. From safeguarding NHS patient data to defending FTSE 100 financial systems, organisations across sectors require qualified professionals—penetration testers, security analysts, incident responders and security architects—to protect critical infrastructure. Yet many professionals cannot pause their careers to upskill full time. Fortunately, an ecosystem of part-time learning pathways—evening courses, intensive bootcamps and flexible online master’s programmes—enables you to learn cyber security while working. This comprehensive guide explores every route: foundational CPD, immersive bootcamps, accredited online MScs, plus funding options, planning strategies and a real-world case study. Whether you’re an IT support technician, a software developer or a compliance manager aiming to pivot into security, you’ll discover how to build expertise at your own pace.

🍪 We use cookies to enhance your browsing experience on our website. By continuing to use this site, you consent to the use of cookies as described in our Cookie Policy. You can review our Cookie Policy for more information.