Product Security Engineering Lead

We are seeking a Product Security Engineering Lead to guide and work with our product divisions to identify, assess, and mitigate security vulnerabilities in software and associated hardware products.

Requirements

• Assess, establish and maintain clear guidelines and best practices for secure coding, vulnerability management, and incident response
• Develop and maintain product security risk assessment processes, providing support and guidance to project teams
• Develop scanning and review processes to discover security vulnerabilities and devise mitigation strategies, as well as report and resolve technical debt
• Serve as a Subject Matter Expert (SME) in product security for projects during development phases, providing information security consulting and recommendations, and ensuring the implementation of approved security requirements
• Collaborate with developers and their teams to ensure security is integrated at every stage of the software development lifecycle
• Guide teams to automate security scans and tests and implement secure coding practices, ensuring product compliance with regulatory standards
• Work with DevOps leads to ensure security tools and processes are integrated into their DevOps pipelines
• Monitor and assess the effectiveness of the implemented cybersecurity controls
• Coordinate activities with the owning product divisions when vulnerabilities are reported by 3rd parties, and guide the response
• Work with development teams to remediate security vulnerabilities and prevent future incidents
• Track and address security issues effectively, ensuring timely remediation and patching
• Document and report results of the cybersecurity program to stakeholders
• Organise, design and deliver cybersecurity training and awareness-raising activities
• Share product security learning with the operational security team, and vice-versa
• Stay updated on the latest security threats, trends and best practices
• Identify opportunities to incorporate AI tooling into the development lifecycle, selecting and taking forward the most promising use cases

Benefits

• 9% non-contributory pension
• discretionary annual bonus
• subsidised onsite restaurants and coffee shops
• free parking
• car sharing scheme
• 24 hour fitness centres
• variable working programme
• 25 days holiday plus bank holidays
• Life Assurance policy of 12 times annual salary
• Cycle to Work scheme
• enhanced maternity pay subject to qualifying criteria
• Health Cash Plan
• the option to join BUPA Renishaw Health Trust
• an Employee Assistance Programme for employees and family