Staff Product Security Engineer
Summary
Staff Product Security Engineer responsible for defining and driving cybersecurity strategy across a product portfolio. This role combines hands-on technical leadership with team guidance to embed secure-by-design principles from concept through post-market.
Responsibilities
1. Lead and support a Product Security team across multiple products within the business unit
2. Reduce cybersecurity risk and enhance product resilience across the portfolio
3. Promote a culture of accountability, innovation, and continuous improvement
4. Embed secure-by-design practices including threat modelling and proactive vulnerability management
5. Collaborate with R&D, Quality, Regulatory, IT, and engineering teams across the full lifecycle
6. Translate enterprise cybersecurity strategy into executable product-level plans
7. Track, measure, and report security posture and risk trends
8. Guide engineering teams on interpreting security requirements and implementing controls
9. Define and deploy software security controls including encryption, authentication, logging, hardening, and patching
10. Conduct product security risk assessments and hazard analyses
11. Provide remediation guidance for vulnerabilities during development and post-market
12. Support product security documentation using SAP, DocuSign, and SharePoint
13. Coordinate document reviews and approvals in line with quality requirements
14. Facilitate technical design reviews and code inspections with actionable feedback
15. Support incident response activities and vulnerability management planning
16. Collaborate with penetration testing, systems, hardware, quality, and technical service teams
17. Ensure compliance with BD development policies and software quality procedures
Requirements
18. Bachelor's degree in Computer Science, Computer Engineering, Electrical Engineering, or equivalent experience
19. Minimum of 5 years' experience in IT security architecture and secure software development
20. Experience leading and managing technical teams
21. Strong knowledge of encryption algorithms and PKI solutions
22. Understanding of embedded system security challenges and mitigations
23. Experience with static and dynamic code analysis tools
24. Strong knowledge of networking, security architectures, and threat vectors
25. Experience working within regulated environments and quality management systems
26. Excellent written, verbal, and interpersonal communication skills
27. Strong work ethic with consistent delivery against objectives
28. Proficiency with Microsoft Office tools
Benefits
29. Comprehensive healthcare coverage, including options for family members
30. Competitive pension scheme with employer contribution
31. Performance-related incentive bonus
32. Opportunity to participate in a company share investment or savings programme
33. Life assurance cover
34. Generous annual leave entitlement plus public holidays
#LI-MS2