Product Security Specialist

PA Consulting
London
3 weeks ago
Create job alert

Job Description

We are seeking a Product Security Specialist with expertise in connected/ IoT medical devices or healthcare products to join our team. The ideal candidate will be responsible for working with our clients to advice and shape the overall security strategy for products, ensure secure design, development, and deployment across the entire product lifecycle, and implement industry best practices to protect sensitive healthcare data.

Key Responsibilities:

  • Work with client product teams and functional groups on determining objectives, scope, and timelines for key product security initiatives and architecting the delivery methodologies
  • Assess security risks across client product portfolios and recommend remediation strategies while balancing business and technical requirements
  • Advice on strategies around coding, threat modeling, and security testing for embedded systems, IoT devices while ensuring compliance with industry regulations
  • Work alongside client R&D teams to lead on secure code reviews, threat modeling, security risk assessments, vulnerability assessments and validation and verification of controls
  • Monitor emerging cybersecurity threats in the IoT and medical device landscape and write though leadership to showcase PA’s point of view on these
  • Build strong stakeholder relationships across our clients
  • Foster team growth, training and deliver outcomes.
  • Support and drive business development efforts
  • Manage projects with expertise.
  • Solve problems with a consulting approach.

Flexible working - We are guided by our client work and needs; however, you have autonomy to manage your time and diary to suit your work/life balance.


Qualifications

  • 8+ years of experience in IoT security, preferably in the medical device or the pharmaceutical industry.
  • Proficiency in security frameworks (e.g., NIST, OWASP, MITRE ATT&CK, PASTA, STRIDE) and standards such as FDA cybersecurity guidance
  • Experience assessing security risks using industry standard methods (penetration test results, threat modeling, security testing) and determining residual risk after applying compensating security controls
  • Experience implementing and demonstrating compliance to security frameworks such as NIST, IEC, HITRUST, HIPAA, GDPR, ISO 27001, SOC 2 Type 2 and familiarity working with Quality Management Systems
  • Experience working with teams in a structured software development lifecycle process
  • Excellent interpersonal skills, both written and verbal, with the ability to clearly convey complex security topics to a wide audience - technical and non-technical teams.
  • Proven track record of achieving outcomes and nurturing relationships.
  • Skilled in crafting compelling proposals and other business development materials. Proficient in cultivating opportunities within the client base and network.
  • Holds Cyber Security accreditations/qualifications such as [CISSP, CSSLP, CISM], indicating a solid foundation in the field.

 

We know the skill-gap and ‘somewhat need to tick every box’ can get in the way of meeting brilliant candidates, so please don’t hesitate to apply – we’d love to hear from you.

Apply today by completing our online application

#LI-IC2



Additional Information

Life At PA encompasses our peoples' experience at PA. It's about how we enrich peoples’ working lives by giving them access to unique people and growth opportunities and purpose led meaningful work. 

Our purpose guides how we work with our clients and our teams, and support our communities, to deliver insight and impact, solving the world’s most complex challenges. We're focused on building a workplace that values human difference and diverse mindsets, and a culture of inclusion and equality that unlocks the potential in our people so everyone can be their best self. 

Find out more about Life at PAhere

We are dedicated to supporting the physical, emotional, social and financial well-being of our people. Check out some of our extensive benefits: 

  • Health and lifestyle perks accompanying private healthcare for you and your family 
  • 25 days annual leave (plus a bonus half day on Christmas Eve) with the opportunity to buy 5 additional days 
  • Generous company pension scheme 
  • Opportunity to get involved with community and charity-based initiatives 
  • Annual performance-based bonus 
  • PA share ownership 
  • Tax efficient benefits (cycle to work, give as you earn) 

We’re committed to advancing equality. We recruit, retain, reward and develop our people based solely on their abilities and contributions and without reference to their age, background, disability, genetic information, parental or family status, religion or belief, race, ethnicity, nationality, sex, sexual orientation, gender identity (or expression), political belief veteran status, or other by any other range of human difference brought about by identity and experience. We welcome applications from underrepresented groups. 

Adjustments or accommodations - Should you need any adjustments or accommodations to the recruitment process, at either application or interview, please contact us on  

Related Jobs

View all jobs

Firmware Engineering Manager

Senior DevOps Engineer

Cyber Security Consultant

Electrical Engineer

Electrical Engineer

Service Delivery Manager

Get the latest insights and jobs direct. Sign up for our newsletter.

By subscribing you agree to our privacy policy and terms of service.

Industry Insights

Discover insightful articles, industry insights, expert tips, and curated resources.

Careers

Tips for Staying Inspired: How Cyber Security Pros Fuel Creativity and Innovation

Cyber security professionals face a rapidly changing digital landscape, where new threats emerge almost daily and the stakes—protecting critical data, safeguarding personal privacy, and defending entire infrastructures—could not be higher. It’s easy to be consumed by vulnerability scans, incident response workflows, and endless compliance checks. Yet, thriving in this high-pressure environment demands more than just technical know-how. It also requires creativity and innovation, which enable you to stay one step ahead of potential attackers. So how do cyber security experts remain inspired and agile, even when the challenges can feel relentless? Below, we’ll explore ten actionable strategies to help security analysts, threat hunters, penetration testers, and security engineers maintain fresh perspectives and keep innovating. If you’re looking to sharpen your problem-solving skills and rediscover the spark that drew you to cyber security in the first place, these tips can guide you toward a more fulfilling and impactful career.

Careers

Top 10 Cyber Security Career Myths Debunked: Key Facts for Aspiring Professionals

In a hyper-connected world, cyber security is no longer an afterthought—it’s a core component of modern business, government, and everyday life. From stopping ransomware attacks to safeguarding personal data, cyber security professionals shoulder a vital responsibility: keeping digital systems, networks, and data safe. Unsurprisingly, the demand for skilled cyber security talent continues to surge, offering robust and often lucrative career paths. Yet, despite the industry’s prominence, myths and misconceptions about cyber security careers abound. Is it really just about hacking? Do you need to be a superhuman coder with years of experience? Or is cyber security just a niche field, reserved for tech giants? At CyberSecurityJobs.tech, we see firsthand how these myths deter capable individuals from entering or advancing in one of the most dynamic fields in tech. This article aims to bust the top 10 cyber security career myths—providing clear, evidence-based insights into what it really takes to thrive in this ever-evolving domain. Whether you’re a recent graduate exploring the field, a mid-career professional seeking a pivot, or simply curious about the prospects, read on to discover the true breadth and promise of cyber security careers.

Careers

Global vs. Local: Comparing the UK Cyber Security Job Market to International Landscapes

Understanding opportunities, salaries, and work culture in cyber security across the UK, the US, Europe, and Asia Cyber security has rapidly ascended from a back-office concern to a strategic priority for every industry. As data breaches, ransomware, and nation-state attacks increase in frequency and sophistication, organisations worldwide are racing to fortify their digital defences. This ongoing surge in cyber threats fuels an unprecedented demand for skilled security professionals—ranging from penetration testers and threat intelligence analysts to cloud security architects and CISOs. In this article, we’ll explore how the UK cyber security job market compares to major international hubs in the United States, Europe, and Asia. We’ll discuss job opportunities, salary bands, work culture, and provide guidance for those who might be contemplating remote or overseas positions. By understanding the nuances of each region’s cyber security ecosystem, you can make a more informed decision about where and how to advance your career in this high-impact, fast-evolving sector. Whether you’re a seasoned expert with years of experience or a career-changer eager to break into cyber security, this overview will help you navigate the global landscape. By the end, you’ll have a clearer perspective on each region’s advantages and challenges—along with practical insights for seizing the best opportunities in a field that has become mission-critical for every modern organisation.

🍪 We use cookies to enhance your browsing experience on our website. By continuing to use this site, you consent to the use of cookies as described in our Cookie Policy. You can review our Cookie Policy for more information.