Principal Security Consultant

Job Description:
The opportunity:
Leonardo UK is seeking a proven and experienced Principal Consultant to join the Cyber & Security Solutions Division team. This role focuses on delivering one of the company's core products to an existing customer. It involves leading a team that oversees, coordinates, and delivers all aspects of cyber and information security throughout the engineering lifecycle—from requirements to in-service support and maintenance.
This is an exciting opportunity at the start of a significant program, ensuring the product and deliverables are as secure as reasonably practicable and aligned with customer requirements and risk appetite. You will be supported by a larger consulting team, engineers, and product domain specialists.
Work may involve a hybrid model, combining remote work and on-site presence at one of our Leonardo offices or customer sites.
Talk to us to find out more.
What you'll do as a Principal Security Consultant:
Lead a team to meet all aspects of cyber and information security across the engineering lifecycle.
Translate customer requirements into actionable security management plans, statements of work, and activities.
Become the lead security SME for the product being delivered.
Oversee and deliver statements of work and artifacts within time, cost, and quality constraints.
Identify, manage, and escalate technical and delivery risks and issues.
Manage customer relationships for the security workstream, both internal and external.
Line manage and mentor consultants within your team as needed.
What we need from you:
In addition to a passion for cyber and information security, ideally you should have:
Skills:
Ability to work independently and make sound decisions based on available facts.
Excellent communication skills at all levels, internally and with customers.
Core consulting skills: building client relations, adaptability, reliability, flexibility, and teamwork.
Managing risks and services in line with customer, regulatory, and legislative expectations.
Qualifications:
A degree or master's in cyber security, systems or software engineering, or relevant experience.
At least two recognized professional cyber security certifications such as CISSP, CISM, CASP/SecurityX, or Chartership (ChCSP).
Knowledge and Experience:
MOD accreditation and secure by design processes (ISN2023/09) and related policies.
Application of standards like NIST SP 800-30, 37, 53, RTCA-DO-326A/B, 355A, 356A.
Defense security standards such as Defstan 05-138 & 05-139.
Experience extending beyond traditional enterprise IT to proprietary and open-source software, firmware, and hardware.
Developing and analyzing design constraints and security designs related to the cyber domain.
Decomposing cyber and security requirements to system control levels.
Conducting risk assessments, threat modeling, vulnerability analysis, and mitigation evaluations.
Managing security verification, validation, and remedial plans.
Coordinating with engineers and architects to develop robust solutions and advise on configurations.
It would be advantageous if you also had:
Understanding of the engineering lifecycle and key gate reviews.
Knowledge of Crypto technologies, Key Management Systems, COMSEC, and MOD/NCSC standards.
Experience with ARP4754A/ARP4761 and their relation to security.
Security Clearance:
You must be eligible for full security clearance. For more info, visit:

UK Security Vetting Levels
Life at Leonardo:
We offer a funded benefits package, learning and development opportunities, and flexible working hours. Benefits include private healthcare, dental schemes, workplace ISA, car schemes, tech and lifestyle allowances, holidays, pension, wellbeing programs, and more. For details, visit our website.
Leonardo is a global high-tech company in Aerospace, Defence, and Security, headquartered in Italy, with over 45,000 employees worldwide, including 8,000 in the UK.
The Cyber & Security Division (CSD) is a key innovator, providing technology and services for civil and defence markets, helping secure national infrastructure and commerce.
This role is within our Cyber Consulting Practice, which works across sectors including Defence, Telecom, Energy, and Finance, and is certified by the UK NCSC.
Leonardo UK values diversity and inclusion, fostering a welcoming environment where everyone can thrive.
This is a great opportunity to contribute your talents and develop your career with Leonardo. Join us!
Primary Location:

GB - Yeovil - Lysander Rd
Additional Locations:

GB - Bristol - Coldharbour Lane
Contract Type:

[Details not specified]
Hybrid Working:

Yes

#J-18808-Ljbffr