Lead Security Engineer

Job Description:

Leonardo’s Electronic division are looking for an experienced and highly motivated Lead Security Engineer to join our growing Design Integrity department. You will be responsible for providing Security Assurance to support the development and delivery of the products (whilst considering cyber resilience) with the ambition to meet the Secure by Design principles. You'll ensure the development, implementation, and management of security protocols, tools, and practices on maturing products meets the appropriate standards and Def Cons. Working closely with the Integrated Product Team (IPT) frameworks with specialists from other disciplines (Software, Systems, and Electronics engineers), you will provide specialist knowledge and advice throughout the product lifecycle.

In addition to this, you'll be accountable for providing independent Information Assurance (IA) on products outside of your immediate responsibility, including independent assessments at Design Reviews, and on deliverable artefacts. You will form part of a wider Product IA and Security community across Leonardo Electronics UK, influencing corporate policies, processes and guidance. Managing architects such as the generation of Technical Risk Assessments, Security Design and Management Documentation, and Remediation Action Plans. As well as this, you’ll oversee the generation and approval of Product Security and Information Assurance Management Plan; Product Design Reviews; generation of Product Security deliverable information (Product Integrity certificates, product security cases.)

What you will be doing as a Lead Security Engineer;

Risk Management:Perform risk assessments to identify potential security risks and work product development teams to implement mitigations and preventive measures.Incident Response & Mitigation:Assess and maintain the Incident Response Plan, lead the response to security incidents and breaches, providing expertise in root cause analysis, containment, and remediation.Vulnerability Management:Conduct regular security assessments, including vulnerability scanning and writing penetration testing Statement of Works, and manage the remediation of identified vulnerabilities.Security Tools & Technologies Advice:Provide guidance on the selection, implementation, and optimization of security tools such as firewalls, intrusion detection systems (IDS), intrusion prevention systems (IPS), and security information and event management (SIEM) systems.Support Security Architecture & Design:Assess the design, implementation, and maintenance of developed products to protect against threats and vulnerabilities.Security Awareness Training:Promote security awareness within the sector through training and communication, ensuring employees understand and follow security protocols.Reporting & Documentation:Create and maintain clear, concise reports, metrics, and documentation related to security incidents, risks, and controls.

What we need from you;

Practical experience of ISO27001/27004/27005 and NIST Risk Management Framework (RMF) Demonstrable experience of writing IA Technical Risk Assessments and the management of these Assessments Good understanding and appreciation of the Engineering development lifecycles and how the Product Security specialism aligns Ability to interpret Penetration Test Reports and write Remediation Action Plans An appreciation of the wider UK Government Assurance Processes (such as the legacy JSP 604 Assurance or the CAF GovAssure processes). Experience of owning a security risk management system for highly regulated products based on recognised frameworks such as aerospace, nuclear, automotive, rail or oil and gas

Security Clearance

: https://www.gov.uk/government/publications/united-kingdom-security-vetting-clearance-levels

Life at Leonardo

With a company funded benefits package, a commitment to learning and development, and a flexible approach to working hours focused on the needs of both our employees and customers, a career with Leonardo has never offered as many opportunities or been more accessible to as many people.

Flexible Working: Flexible hours with hybrid working options. For part time opportunities, please talk to us Company funded flexible benefits: Access to private healthcare, dental schemes, Workplace ISA, Go Green Car Scheme, technology and lifestyle options (£500 annual allowance) Holidays: 25 days plus bank holidays, option to buy/sell leave and to accrue up to 12 additional flexi leave days per year Pension: Award winning pension scheme (up to 15% employer contribution) Wellbeing: Employee Assistance Programme with access to free mental health support, financial wellbeing support and network groups to demonstrate our ongoing commitment to diversity & inclusion (Enable, Pride, Equalise, Armed Forces, Carers, Wellbeing, Ethnicity) Lifestyle: Discounted Gym membership, Cycle to work scheme Training: Free access to more than 4000 online courses via Coursera and LinkedIN Learning Referral Incentive: You can earn a reward for successfully referring a friend or family member Bonus: Scheme in place for all employees at management level and below

For a full list of our Company, benefits please our website here.

Leonardo is a global high-tech company and one of the key players in Aerospace, Defence and Security. Headquartered in Italy, Leonardo has over 45,000 employees, of which 8,000 are based at 8 sites throughout the UK.

At Leonardo UK, we believe that a diverse and inclusive work environment unlocks our people’s full potential and drives innovation and creativity. We work hard to offer a welcoming, accessible and inclusive place to work for all of our people, creating a culture where everyone can thrive, feel safe and have a sense of belonging and connection.

This is a great opportunity to bring your talents and form an integral part of Leonardo’s future. We can help you develop your skills and offer great opportunities to develop and grow, so why not join us.