Job Description

Location:

Frimley, Surrey, England

Salary:

Market related

Category

Cyber Security

Sector:

Aerospace and Defence

Contract type

Contract

Consultant:

Lucy Otter

Principal Engineer - Product Security

Location:

Frimley (hybrid - average of 2-3 days onsite per week)

Rate:

85.40 per hour / umbrella (inside IR35), approx. 632 per day

Contract:

6-months initially (potential for extension or to go permanent)

Hours:

37 per week

Clearance:

Active SC Clearance required

Restrictions:

ITAR and "UK Eyes Only", please note only sole British citizens can apply

About the Role

We're seeking a highly experienced

Principal Product Security Engineer

to join one of our clients Product Security Engineering teams, supporting the delivery and through-life management of secure submarine systems and products.


As a key focal point for security and information risk, you'll apply deep technical expertise to ensure that solutions are designed, delivered, and supported securely, safely, and in compliance with contractual and regulatory requirements.


You'll provide subject matter expertise to internal stakeholders, support technical authorities, and influence the development of security strategies, policies, and best practices across major defence programmes.

Key Responsibilities

Provide expert advice on Product Security to engineering and project teams. Analyse system architectures to identify threats, vulnerabilities, and risk mitigation strategies. Develop and manage Product Security analysis using recognised risk assessment techniques. Contribute to the development of Product Security strategies, policies, and guidance. Recommend and present appropriate controls to mitigate identified risks in line with MOD and government standards. Represent Product Security at design reviews, ensuring security considerations throughout the system lifecycle. Manage concurrent work across multiple security programmes and provide technical leadership to junior engineers. Support incident management and contribute to key project documentation including RMADS, Security Strategies, and accreditation evidence.

Key Deliverables & Accountabilities

Delivery of

Risk Management Accreditation Document Sets (RMADS)

and associated security documentation. Ensuring compliance with contractual and regulatory security requirements. Providing specialist input to verification, qualification, and design review processes. Contribution to broader project artefacts such as training materials, technical publications, and cyber incident plans.

About You

You'll bring a proven track record in

Product Security

or

Information Assurance

, ideally within the defence or maritime sectors. With strong analytical and communication skills, you can assess and articulate information risks to technical and non-technical stakeholders alike.

Essential Knowledge & Experience:

Deep understanding of information risk management, security principles, and relevant MOD/government standards. Proven experience applying security engineering practices across complex systems. Familiarity with cyber and information assurance technologies and evolving threat landscapes. Experience supporting engineering lifecycle phases and managing security through design and delivery. Background in the defence, maritime, or critical national infrastructure environment.

Skills & Qualifications:

Degree (or equivalent experience) in a relevant STEM or Information Security discipline. NCSC CCP SIRA status (or ability to achieve). Membership of a relevant professional body. Strong stakeholder engagement, leadership, and mentoring capabilities.

Why Join?

This is an opportunity to play a critical role in safeguarding some of the UK's most advanced defence technologies. You'll work alongside world-class engineers in a secure, technically challenging, and rewarding environment -- shaping the security foundations of next-generation maritime systems.

Interested?

Apply today to take on a high-impact role where your expertise directly enhances the UK's national defence capability.