Director of Security and Compliance safeguarding digital assets and data with a focus on cybersecurity and compliance. Leading risk management, stakeholder engagement, and team leadership initiatives.
About the role
- Lead Product Security Engineer responsible for delivery of product security in defense aviation. Develop security protocols while managing a team in the Electronic Warfare domain.
Responsibilities
- Develop and manage a team of security engineers, whilst being accountable for the delivery of security services within product teams.
- Define product security requirements, advising development teams on suitable implementation standards and techniques and overseeing product development activities.
- Develop and manage security protocols, tools, and processes that keep our technologies ahead of emerging threats.
- Create and manage key artefacts such as Security Management Plans, Risk Assessments, and Remediation Action Plans.
- Drive Security Assurance through the full product lifecycle, ensuring every design is robust, compliant, and resilient.
- Provide independent Information Assurance (IA) reviews and risk assessments on a variety of complex, high-impact projects.
- Contribute to Leonardo’s UK-wide Security and IA community — shaping best practice and influencing security strategy.
Requirements
- Practical experience of ISO27001 /27004/27005 and NIST Risk Management Framework (RMF).
- Experience of owning a security risk management system for highly regulated products based on recognised frameworks such as aerospace, nuclear, automotive, rail or oil and gas.
- Good understanding and appreciation of the Engineering development lifecycles and how the Product Security specialism aligns.
- Ability to interpret Penetration Test Reports and write Remediation Action Plans.
- An appreciation of the wider UK Government Assurance Processes (such as the legacy JSP 604 Assurance or the CAF GovAssure processes).
Benefits
- Time to Recharge: Enjoy generous leave with the opportunity to accrue up to 12 additional flexi-days each year.
- Secure your Future: Benefit from our award-winning pension scheme with up to 15% employer contribution.
- Your Wellbeing Matters: Free access to mental health support, financial advice, and employee-led networks championing inclusion and diversity (Enable, Pride, Equalise, Armed Forces, Carers, Wellbeing and Ethnicity).
- Rewarding Performance: All employees at management level and below are eligible for our bonus scheme.
- Never Stop Learning: Free access to 4,000+ online courses via Coursera and LinkedIn Learning.
- Refer a friend: Receive a financial reward through our referral programme.
- Tailored Perks: Spend up to £500 annually on flexible benefits including private healthcare, dental, family cover, tech & lifestyle discounts, gym memberships and more.
- Flexible working: Flexible hours with hybrid working options.
Job title
Job type
Experience level
Salary
Not specified
Degree requirement
Location requirements
Information Security Risk & Compliance Analyst supporting the maintenance of ISO 27001 standards. Contributing to risk assessments and compliance across AAB’s Business Protection Team.
Information Security Risk & Compliance Analyst at AAB managing compliance with ISO 27001, supporting enterprise risk assessments and enhancing information security systems.
Information Security Risk & Compliance Analyst at AAB focusing on ISO 27001 compliance and information security management. Collaborating across teams to ensure robust risk and compliance frameworks.
Security Principal at Optiv designing AI security solutions for clients, leveraging advanced security services and technologies. Driving pipeline generation and maintaining strong client relationships as a trusted advisor.
Cloud Security Architect supporting federal customer projects focused on architecture and security solutions. Conducting risk assessments and defining security requirements within a cloud environment.
Information Security Specialist responsible for enhancing cybersecurity posture through incident management and compliance. Collaborating with cross - functional teams to monitor threats and implement security measures.
Senior Lead Info Security Architect leading and collaborating on cybersecurity solutions at TIAA. Responsible for secure design and implementation of cloud security strategies and practices.
Part Time Security Officer providing protection for Collector's personnel and assets at trade shows across North America while reporting to Security Shows & Transportation Manager.
Enterprise Security Architect at PBCN GmbH designing and implementing security architectures. Collaborating with teams to ensure application security and conducting risk assessments.