Product Security Engineer
Salary £60k + Benefits
Based Bristol with Hybrid Working
We are taking applications for this exclusive vacancy to work for our client, a global defence tech organisation as Product Security Engineer. In this exciting role the successful candidate will be responsible for ensuring that software, hardware, and service products are designed, developed, and maintained with strong security features. The role involves identifying and mitigating security risks throughout the product lifecycle, conducting risk assessments, and collaborating with development teams to integrate secure coding practices.
Key Responsibilities:
Conduct risk assessments, identify vulnerabilities, and implement mitigation measures.
Integrate secure coding practices into the software development lifecycle.
Perform security code reviews and ensure secure-by-design principles.
Conduct threat modelling exercises to identify and mitigate potential risks.
Ensure compliance with security regulations such as ISO27001, NIST 800-30/37/53, JSP 440, 604, and Defence Standards.
Develop and maintain security documentation (e.g., RMADS, Security Assurance Documents, Security Management Plans).
Conduct penetration testing, vulnerability assessments, and remediation activities.Key Skills & Experience:
Strong knowledge of risk management frameworks and methodologies (ISO 27001/2, ISO27005/31000, NIST 800-30, NIST 800-53).
Experience with defence and government security standards (JSPs, Def Stan 05-138/139).
Proficiency in security testing tools, technologies, and techniques.
Ability to analyze and mitigate security vulnerabilities effectively.
Strong problem-solving, decision-making, and communication skills.Qualifications & Requirements:
Degree in Cybersecurity, Computer Science, or a related field (or equivalent experience).
Industry certifications such as CISSP, OSCP, CEH, or GIAC (preferred but not mandatory).
Must be eligible for SC security clearance.
Experience working in defence, government, or high-security environments is a plus
