Product Security Engineer Full Time

Are you an experienced security professional with a strong background in Information Assurance, Security by Design, and project security risk? Do you want to work on genuinely complex, high-stakes products in an environment where your expertise will be valued and your career actively developed?   We’re working with a specialist, highly respected technology business to find a Product Security Engineer to join their team. This is a hybrid role with a minimum of 2 days per week on site — though the nature of the work means there will be weeks where full on-site presence is required.   This role is open to candidates ideally based in Surrey or secondary Dorset.   Important: This role requires SC Security Clearance. Applicants must be UK born, UK nationals.   What you’ll be doing:   → Undertaking project security risk analysis and ensuring security deliverables are developed and delivered in line with customer requirements → Developing and implementing Product Security Policies aligned to SbD principles → Chairing internal and external project security reviews and working groups → Producing and delivering project documentation in line with Information Assurance frameworks → Contributing manpower estimates to the bid process → Working closely with engineering, product development and QA teams to embed security best practice throughout the product lifecycle → Supporting the wider Supportability function as required   What we’re looking for — essential:   ✔ Proven experience in project security planning and implementation (e.g. NIST 800 series) ✔ Experience delivering project documentation using Security by Design (SbD) principles ✔ Strong background in Information Assurance — RMADS, SbD documentation, CESG Good Practice Guides ✔ Experience in security risk assessment methodologies (e.g. NCSC) ✔ Able to work autonomously and adapt quickly to changing project demands ✔ Excellent communication, literacy, and MS Office skills ✔ SC cleared or eligible to obtain SC clearance   Nice to have:   ★ Risk Management or DevSecOps experience ★ Knowledge of TEMPEST or Electromagnetic Compatibility ★ Familiarity with Defence Security Standards (Def Stan 05-138, 05-139, JSP440, Security Policy Framework) ★ Background in Defence, MoD, or serving military   What’s in it for you:   Up to 24 additional holiday days per year via paid overtime or TOIL Private medical care — access to 50+ private clinics and hospitals nationwide Christmas closedown — most staff off from 24th December to 2nd January Competitive employer-matched pension scheme Company tech provided — laptop, mobile and home office equipment Salary sacrifice schemes — bikes, tech and more Gym discounts (plus onsite gym) Flexible core hours: 09:30–12:00 & 14:00–16:00 Committed investment in training, upskilling, and career development Relocation package available   This is a rare opportunity to join a business offering genuine vertical and lifecycle exposure — you shape the direction of your own career here.