Summary
Product Security Engineer Lead responsible for building, leading, and scaling a high-performing product security team within the RCI division. The role defines product cybersecurity strategy and embeds security-by-design across the full product lifecycle to meet regulatory and business objectives.
Responsibilities
* Lead, mentor, and manage a team of product cybersecurity engineers
* Build a collaborative, inclusive, and high-performance team culture
* Define and execute a multi-year product security roadmap aligned with enterprise cybersecurity strategy
* Prioritise resources to balance business needs, risk exposure, and regulatory obligations
* Develop technical and cybersecurity capability through coaching and structured development
* Define and monitor metrics for security maturity, vulnerability trends, and team performance
* Provide technical leadership on secure product architecture and vulnerability management
* Embed security-by-design principles across development and post-market activities
* Partner with R&D, Quality, Regulatory, Legal, and Executive leadership to communicate security posture
* Lead post-market cybersecurity activities including vulnerability assessment, patching, and mitigations
* Ensure compliance with FDA, EU MDR, ISO/IEC 27001, IEC 62443, and global cybersecurity expectations
* Act as a key stakeholder in design reviews, risk assessments, and incident response planning
* Collaborate with product management and customer support on transparent security communications
* Evaluate emerging threats and technologies to proactively strengthen product security
* Ensure alignment with BD development policies and software quality procedures
Requirements
* Bachelor's or Master's degree in Cybersecurity, Computer Science, Engineering, or related discipline
* 8+ years' experience in product cybersecurity within regulated or medical device environments
* Proven experience leading technical teams and defining long-term security strategy
* Strong knowledge of secure development practices, threat modelling, and risk management
* Experience working within regulated quality and regulatory frameworks
* Excellent stakeholder engagement and communication skills
* Certifications such as CISSP, CISM, or CEH are advantageous
* Experience with embedded systems, IoT, and cloud-connected products
* Familiarity with DevSecOps tools and methodologies
Benefits
* Comprehensive healthcare coverage, including options for family members
* Competitive pension scheme with employer contribution
* Performance-related incentive bonus
* Opportunity to participate in a company share investment or savings programme
* Life assurance cover
* Generous annual leave entitlement plus public holidays