Description
Product Security Engineer
Derby/Bristol
As a Product Security Engineer, you will be responsible to secure a range of Roll-Royce products against an ever-evolving range of security threats (i.e. - cyber, supply chain, etc.). You may be involved at any stage of a project life cycle from concept development, design and integration, integrated/component testing through final production release. You'll usually work in cross-functional project teams with colleagues in other branches of engineering.
This is an exciting opportunity to work on flagship RR programs and play an important role in addressing some of the most complex and interesting technological challenges in Rolls-Royce. You will be encouraged to further develop and leverage your skills and experience in Systems Security Engineering and to help grow RR capability in this pivotal area.
A force for progress; powering, protecting and connecting people everywhere.
At Rolls-Royce, we look beyond tomorrow. We continually pioneer integrated power and propulsion solutions to deliver cleaner, safer, and more competitive power.
Rolls-Royce is one of the most enduring and iconic brands and has been at the forefront of innovation for over a century. Designing, building and servicing systems that provide critical power to customers, where safety and reliability are paramount.
By joining Rolls-Royce and the Product Security Team you have the opportunity to be working on projects for any one of our three core businesses:
Civil aerospace - major manufacturer of aero engines for the large commercial aircraft, regional jet and business aviation markets Defense - a market leader in aero engines for military transport and patrol aircraft with strong positions in combat applications Power Systems - is a world-leading provider of integrated solutions for onsite power and propulsion
We evaluate qualified applicants without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, veteran status, or any other protected characteristic. You can learn more .
Key Accountabilities:
Contributes to the Secure Cyber Resilient Engineering (SCRE) of our products, applying technical knowledge and providing technical direction as required throughout the product lifecycle: requirements, design, build, test, production, operations, and support. Contribute to the development, implementation, documentation, and maintenance of policies, procedures, associated guidelines, tools and training. Lead the security life cycle activities (concept through release) for one or more Rolls-Royce products including regulatory certification/qualification (i.e. - The Risk Management Framework, ED-202A / DO-326A, Secure By Design, IEC 62443, etc.) Lead a small number of individuals or projects in this subject area, providing technical leadership to teams or projects in addition to having impact through functional knowledge. Collaborate with government, customers, suppliers, and industry experts to meet customer mission, business, and system security requirements. Develop and update systems security and resilience good practice and help disseminate the techniques, policies, procedures, and knowledge across the business. Strong ability to work across and communicate with multiple business functions (i.e. - Software, hardware, maintenance, manufacturing, corporate)
Basic Qualifications:
Bachelor's degree in a relevant engineering discipline (Electrical, Software, Controls, Systems, Cybersecurity) with experience in a relevant engineering environment (Electrical, Software, Controls, Systems) with 2+ years’ experience, OR Master’s degree in a relevant engineering discipline (Electrical, Software, Controls, Systems, Cybersecurity) with experience in a relevant engineering environment (Electrical, Software, Controls, Systems), with 0+ years’ experience OR JD/PhD
Preferred Qualifications:
3+ years of experience working in Systems Security Engineering on real-time cyber-physical embedded systems (i.e. - aviation systems, software defined vehicles, medical devices, weapon systems, etc.) OR 4+ years of experience working in a related Engineering role (i.e. - Systems Engineering, Software Engineering, Electronics Engineering, Manufacturing Engineering, etc.) Familiarity with Systems Engineering on complex systems and excellent systems thinking aptitude: the ability to understand complex system boundaries, interactions, and interdependencies across multiple abstraction layers throughout the system’s entire lifecycle. Deep knowledge of embedded systems and the technical skills required to develop, implement, and secure such cyber-physical systems. Experience or interest in cybersecurity and cyber threats (i.e. - designing secure products, systems, and applications; intrusion detection; digital forensics; system recovery; risk assessment tools and methods; security solutions, policies, standards, and procedures, etc.). Knowledge and/or experience in applying systems security policies and standards in engineering cyber-physical systems such as the Risk Management Framework (RMF), NIST SP 800-160, DO-326, and DoDI 5000.83. Excellent communications skills: able to influence without authority and describe complex ideas simply and succinctly to non-technical people.
We are an equal opportunities employer. We’re committed to developing a diverse workforce and an inclusive working environment. We believe that people from different backgrounds and cultures give us different perspectives which are crucial to innovation and problem solving. We believe the more diverse perspectives we have, the more successful we’ll be. By building a culture of caring and belonging, we give everyone who works here the opportunity to realise their full potential.
We welcome applications from people with a refugee background.
You can learn more about our global Inclusion strategy at
To work for the Rolls-Royce Submarines business an individual has to hold a Security Check clearance. Rolls-Royce will support the application for Security Clearance if you do not currently already have this in place. Due to the nature of work the business conducts and the protection of certain assets we can only progress applications from individuals who are a UK national or, in MoD approved cases, a dual national.
Closing date : 31st July 2025
Job Category
Software Systems
Posting Date
17 Jul 2025; 00:07
Posting End Date
30 Jul 2025
