Overview
Product Security Engineer Lead responsible for building, leading, and scaling a high-performing product security team within the RCI division.
The role defines product cybersecurity strategy and embeds security-by-design across the full product lifecycle to meet regulatory and business objectives.
Responsibilities
Lead, mentor, and manage a team of product cybersecurity engineers
Build a collaborative, inclusive, and high-performance team culture
Define and execute a multi-year product security roadmap aligned with enterprise cybersecurity strategy
Prioritise resources to balance business needs, risk exposure, and regulatory obligations
Develop technical and cybersecurity capability through coaching and structured development
Define and monitor metrics for security maturity, vulnerability trends, and team performance
Provide technical leadership on secure product architecture and vulnerability management
Embed security-by-design principles across development and post-market activities
Partner with R&D, Quality, Regulatory, Legal, and Executive leadership to communicate security posture
Lead post-market cybersecurity activities including vulnerability assessment, patching, and mitigations
Ensure compliance with FDA, EU MDR, ISO/IEC *****, IEC *****, and global cybersecurity expectations
Act as a key stakeholder in design reviews, risk assessments, and incident response planning
Collaborate with product management and customer support on transparent security communications
Evaluate emerging threats and technologies to proactively strengthen product security
Ensure alignment with BD development policies and software quality procedures
Requirements
Bachelor's or Master's degree in Cybersecurity, Computer Science, Engineering, or related discipline
8+ years' experience in product cybersecurity within regulated or medical device environments
Proven experience leading technical teams and defining long-term security strategy
Strong knowledge of secure development practices, threat modelling, and risk management
Experience working within regulated quality and regulatory frameworks
Excellent stakeholder engagement and communication skills
Certifications such as CISSP, CISM, or CEH are advantageous
Experience with embedded systems, IoT, and cloud-connected products
Familiarity with DevSecOps tools and methodologies
Benefits
Comprehensive healthcare coverage, including options for family members
Competitive pension scheme with employer contribution
Performance-related incentive bonus
Opportunity to participate in a company share investment or savings programme
Life assurance cover
Generous annual leave entitlement plus public holidays
#J-*****-Ljbffr