Product Security Engineer

Job Description

Product Security Engineer

Derby/Bristol

As a Product Security Engineer, you will be responsible to secure a range of Roll-Royce products against an ever-evolving range of security threats (i.e. - cyber, supply chain, etc.). You may be involved at any stage of a project life cycle from concept development, design and integration, integrated/component testing through final production release. You'll usually work in cross-functional project teams with colleagues in other branches of engineering.

This is an exciting opportunity to work on flagship Rolls-Royce programs and play an important role in addressing some of the most complex and interesting technological challenges in Rolls-Royce. You will be encouraged to further develop and leverage your skills and experience in Product Security Engineering and to help grow Rolls-Royce capability in this pivotal area.

A force for progress; powering, protecting and connecting people everywhere.

At Rolls-Royce, we look beyond tomorrow. We continually pioneer integrated power and propulsion solutions to deliver cleaner, safer, and more competitive power.

Rolls-Royce is one of the most enduring and iconic brands and has been at the forefront of innovation for over a century. Designing, building and servicing systems that provide critical power to customers, where safety and reliability are paramount.

By joining Rolls-Royce and the Product Security Team you have the opportunity to be working on projects for any one of our three core businesses:
Civil aerospace - major manufacturer of aero engines for the large commercial aircraft, regional jet and business aviation markets

Defense - a market leader in aero engines for military transport and patrol aircraft with strong positions in combat applications

Power Systems - is a world-leading provider of integrated solutions for onsite power and propulsion

We evaluate qualified applicants without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, veteran status, or any other protected characteristic. You can learn more here.

Key Accountabilities:

Contributes to the Secure Cyber Resilient Engineering (SCRE) of our products, applying technical knowledge and providing technical direction as required throughout the product lifecycle: architecture, requirements, design, build, test, production, operations, and support. Frequently, these activities will be done in a digital environment using Model Based Engineering tools.

Contribute to the development, implementation, documentation, and maintenance of policies, procedures, associated guidelines, tools and training.

Contribute to the security life cycle activities (concept through release) including regulatory certification/qualification (i.e. - The Risk Management Framework, ED-202A / DO-326A, Secure By Design, IEC 62443, etc.)

Collaborate with government, customers, suppliers, and industry experts to meet system and program requirements.

Provide feedback on systems security and resilience good practice and help disseminate the techniques, policies, procedures, and knowledge across the business.

Able to work across and communicate with multiple business functions (ie - Software, hardware, maintenance, manufacturing, corporate)

Basic Qualifications:

Bachelor's degree in a relevant engineering discipline (Electrical, Software, Controls, Systems, Cybersecurity) with 1+ years of experience, OR

Master's degree in a relevant engineering discipline (Electrical, Software, Controls, Systems, Cybersecurity)

Preferred Qualifications:

1+ years of experience working in Systems Security Engineering on physical embedded systems (ie - aviation systems, software defined vehicles, medical devices, weapon systems, etc) OR 2+ years of experience working in a related Engineering role (i.e. - Systems Engineering, Software Engineering, Electronics Engineering, Manufacturing Engineering, etc.)

Familiarity with Systems Engineering on complex systems and excellent systems thinking aptitude: the ability to understand complex system boundaries, interactions, and interdependencies across multiple abstraction layers throughout the system's entire lifecycle.

Knowledge of embedded systems and the technical skills required to develop, implement, and secure such cyber-physical systems.

Experience or interest in cybersecurity and cyber threats (ie - designing secure products, systems, and applications; intrusion detection; digital forensics; system recovery; risk assessment tools and methods; security solutions, policies, standards, and procedures, etc.).

Knowledge and/or experience in applying Systems Security policies and standards to the engineering of cyber-physical systems such as NIST SP (Apply online only), DO-326, UK Secure By Design, IEC 62443, the Risk Management Framework (RMF), and DoDI 5000.83.

Excellent communications skills: able to influence without authority and describe complex ideas simply and succinctly to non-technical people.

We are an equal opportunities employer. We're committed to developing a diverse workforce and an inclusive working environment. We believe that people from different backgrounds and cultures give us different perspectives which are crucial to innovation and problem solving. We believe the more diverse perspectives we have, the more successful we'll be. By building a culture of caring and belonging, we give everyone who works here the opportunity to realise their full potential.

You can learn more about our global Inclusion strategy at Our people | Rolls-Royce

To work for the Rolls-Royce Submarines business an individual has to hold a Security Check clearance. Rolls-Royce will support the application for Security Clearance if you do not currently already have this in place. Due to the nature of work the business conducts and the protection of certain assets we can only progress applications from individuals who are a UK national or, in MoD approved cases, a dual national.

Closing date : 5th February 2026

For further information please contact: Adam Ellis

As part of our selection process, candidates in certain locations may be asked to complete an online assessment, which can include cognitive and behavioural aptitude testing relevant to the role. If required, full instructions for the next steps will be provided.

Job Category

Software Systems

Posting Date

26 Feb 2026; 00:02

Posting End Date

05 Mar 2026PandoLogic. Keywords: Product Security Engineer, Location: Derby, ENG - DE23 8NX