Product Security Engineer

Derby
1 month ago
Applications closed

Related Jobs

View all jobs

Product Security Engineer

Systems Engineer – Product Security (Edgewing)

Systems Engineer – Product Security (Edgewing)

Systems Engineer – Product Security (Edgewing)

Systems Engineer – Product Security (Edgewing)

Systems Engineer – Product Security (Edgewing)

Job Description

Product Security Engineer

Derby/Bristol

As a Product Security Engineer, you will be responsible to secure a range of Roll-Royce products against an ever-evolving range of security threats (i.e. - cyber, supply chain, etc.). You may be involved at any stage of a project life cycle from concept development, design and integration, integrated/component testing through final production release. You'll usually work in cross-functional project teams with colleagues in other branches of engineering.

This is an exciting opportunity to work on flagship Rolls-Royce programs and play an important role in addressing some of the most complex and interesting technological challenges in Rolls-Royce. You will be encouraged to further develop and leverage your skills and experience in Product Security Engineering and to help grow Rolls-Royce capability in this pivotal area.

A force for progress; powering, protecting and connecting people everywhere.

At Rolls-Royce, we look beyond tomorrow. We continually pioneer integrated power and propulsion solutions to deliver cleaner, safer, and more competitive power.

Rolls-Royce is one of the most enduring and iconic brands and has been at the forefront of innovation for over a century. Designing, building and servicing systems that provide critical power to customers, where safety and reliability are paramount.

By joining Rolls-Royce and the Product Security Team you have the opportunity to be working on projects for any one of our three core businesses:
Civil aerospace - major manufacturer of aero engines for the large commercial aircraft, regional jet and business aviation markets

Defense - a market leader in aero engines for military transport and patrol aircraft with strong positions in combat applications

Power Systems - is a world-leading provider of integrated solutions for onsite power and propulsion

We evaluate qualified applicants without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, veteran status, or any other protected characteristic. You can learn more here.

Key Accountabilities:

Contributes to the Secure Cyber Resilient Engineering (SCRE) of our products, applying technical knowledge and providing technical direction as required throughout the product lifecycle: architecture, requirements, design, build, test, production, operations, and support. Frequently, these activities will be done in a digital environment using Model Based Engineering tools.

Contribute to the development, implementation, documentation, and maintenance of policies, procedures, associated guidelines, tools and training.

Contribute to the security life cycle activities (concept through release) including regulatory certification/qualification (i.e. - The Risk Management Framework, ED-202A / DO-326A, Secure By Design, IEC 62443, etc.)

Collaborate with government, customers, suppliers, and industry experts to meet system and program requirements.

Provide feedback on systems security and resilience good practice and help disseminate the techniques, policies, procedures, and knowledge across the business.

Able to work across and communicate with multiple business functions (ie - Software, hardware, maintenance, manufacturing, corporate)

Basic Qualifications:

Bachelor's degree in a relevant engineering discipline (Electrical, Software, Controls, Systems, Cybersecurity) with 1+ years of experience, OR

Master's degree in a relevant engineering discipline (Electrical, Software, Controls, Systems, Cybersecurity)

Preferred Qualifications:

1+ years of experience working in Systems Security Engineering on physical embedded systems (ie - aviation systems, software defined vehicles, medical devices, weapon systems, etc) OR 2+ years of experience working in a related Engineering role (i.e. - Systems Engineering, Software Engineering, Electronics Engineering, Manufacturing Engineering, etc.)

Familiarity with Systems Engineering on complex systems and excellent systems thinking aptitude: the ability to understand complex system boundaries, interactions, and interdependencies across multiple abstraction layers throughout the system's entire lifecycle.

Knowledge of embedded systems and the technical skills required to develop, implement, and secure such cyber-physical systems.

Experience or interest in cybersecurity and cyber threats (ie - designing secure products, systems, and applications; intrusion detection; digital forensics; system recovery; risk assessment tools and methods; security solutions, policies, standards, and procedures, etc.).

Knowledge and/or experience in applying Systems Security policies and standards to the engineering of cyber-physical systems such as NIST SP (Apply online only), DO-326, UK Secure By Design, IEC 62443, the Risk Management Framework (RMF), and DoDI 5000.83.

Excellent communications skills: able to influence without authority and describe complex ideas simply and succinctly to non-technical people.

We are an equal opportunities employer. We're committed to developing a diverse workforce and an inclusive working environment. We believe that people from different backgrounds and cultures give us different perspectives which are crucial to innovation and problem solving. We believe the more diverse perspectives we have, the more successful we'll be. By building a culture of caring and belonging, we give everyone who works here the opportunity to realise their full potential.

You can learn more about our global Inclusion strategy at Our people | Rolls-Royce

To work for the Rolls-Royce Submarines business an individual has to hold a Security Check clearance. Rolls-Royce will support the application for Security Clearance if you do not currently already have this in place. Due to the nature of work the business conducts and the protection of certain assets we can only progress applications from individuals who are a UK national or, in MoD approved cases, a dual national.

Closing date : 5th February 2026

For further information please contact: Adam Ellis

As part of our selection process, candidates in certain locations may be asked to complete an online assessment, which can include cognitive and behavioural aptitude testing relevant to the role. If required, full instructions for the next steps will be provided.

Job Category

Software Systems

Posting Date

26 Feb 2026; 00:02

Posting End Date

05 Mar 2026PandoLogic. Keywords: Product Security Engineer, Location: Derby, ENG - DE23 8NX

Subscribe to Future Tech Insights for the latest jobs & insights, direct to your inbox.

By subscribing, you agree to our privacy policy and terms of service.

Industry Insights

Discover insightful articles, industry insights, expert tips, and curated resources.

Jobs

Penetration Tester Jobs in the UK: What Employers Actually Want in 2026

The demand for skilled professionals in cyber security has never been higher, and penetration testers sit at the very heart of this rapidly evolving industry. As organisations across the UK continue to digitise their operations, protect sensitive data, and defend against increasingly sophisticated threats, the need for ethical hackers has grown dramatically. If you are considering a career in this field—or looking to advance within it—it is essential to understand what employers are really looking for in 2026. This guide breaks down the current expectations, required skills, certifications, and practical experience that can help you stand out in a competitive job market.

Jobs

SOC Analyst Jobs UK 2026: Salaries, Skills & How to Get Hired

Cyber security is one of the UK's fastest-growing career paths — and SOC analyst is where most people begin. It's in high demand, genuinely accessible, and you don't need a degree or years of experience to get started. But knowing what UK employers actually want in 2026 — what they pay, which certs matter, and how to stand out — is a different matter. This guide covers all of it.

Careers

How Many Cyber Security Tools Do You Need to Know to Get a Cyber Security Job?

If you are trying to build or move forward in a cyber security career, it can feel like the list of tools you are expected to know never ends. One job advert asks for SIEM platforms, another mentions penetration testing tools, another lists cloud security, threat intelligence platforms, endpoint detection, scripting languages and compliance frameworks. Scroll LinkedIn and it gets worse. Everyone seems to “know” dozens of tools, certifications and platforms. Here is the reality most cyber security hiring managers agree on: they are not hiring you because you know every tool. They are hiring you because you understand risk, can think like an attacker and a defender, follow process, communicate clearly and make good decisions under pressure. Tools matter — but only when they support those outcomes. So how many cyber security tools do you actually need to know to get a job? For most job seekers, the answer is far fewer than you think. This article explains what employers really expect, which tools are essential, which are role-specific and how to focus your learning so you look credible, not overwhelmed.

🍪 We use cookies to enhance your browsing experience on our website. By continuing to use this site, you consent to the use of cookies as described in our Cookie Policy. You can review our Cookie Policy for more information.