Product Security Engineer Lead

Overview

Our client is seeking a dynamic Product Security Engineer Lead to build and guide a high-performing product cybersecurity team within a major technology division. This leadership role blends strategic vision with hands-on technical oversight, ensuring that complex, safety-critical technologies remain secure, resilient, and compliant with global regulatory standards.

The position influences product architecture, promotes secure development practices, and works cross-functionally with engineering, regulatory, quality, and leadership stakeholders to safeguard end-user safety, protect data, and uphold a high level of security across the organisation’s product portfolio.

Role Purpose

The successful candidate will be responsible for:

• Leading day-to-day team operations and technical direction.
• Defining security strategy, driving innovation, and aligning resources to business and regulatory priorities.
• Building a collaborative, forward-thinking engineering culture.
• Ensuring security-by-design principles are embedded across the full product lifecycle.
• Acting as a trusted partner across engineering, quality, and regulatory teams.

This role has direct impact on the security posture of global product lines and requires both strategic leadership and strong technical depth.

Key Responsibilities

Team Leadership & Strategy

• Lead, mentor, and develop a high-performing team of product cybersecurity engineers.
• Foster a collaborative and inclusive culture focused on continuous improvement.
• Prioritise team resources to meet strategic goals and regulatory needs.
• Drive ongoing technical upskilling and cybersecurity competency development.
• Define and execute a multi-year product security roadmap aligned with enterprise objectives.
• Establish KPIs to measure product security maturity, vulnerability trends, and team performance.
• Collaborate with leadership, legal, and regulatory stakeholders to communicate risks and priorities.

Technical & Operational Responsibilities

• Provide expert guidance on secure architecture, threat modelling, and vulnerability management.
• Ensure integration of security-by-design practices throughout development workflows.
• Support post-market cybersecurity activities, including vulnerability assessment, patch development, and field mitigations.
• Partner with product management and customer support to ensure timely communication on security issues.
• Ensure compliance with global regulatory requirements (e.g., FDA, EU MDR) and international standards (e.g., ISO/IEC 27001, IEC 62443).
• Participate in design reviews, risk assessments, and incident response planning.
• Assess emerging threats and technologies to strengthen the product security posture.

Candidate Profile

Qualifications

• Bachelor’s or Master’s degree in Cybersecurity, Computer Science, Engineering, or a related discipline.
• 8+ years’ experience in product cybersecurity, ideally within safety-critical or regulated environments.
• Demonstrated experience in technical leadership, team management, and strategic planning.
• Strong background in secure development practices, risk assessment, and compliance requirements.
• Relevant certifications (e.g., CISSP, CISM, CEH) are advantageous.

Additional Skills

• Experience with embedded systems, IoT, and cloud-connected devices.
• Familiarity with DevSecOps tools and methodologies.
• Excellent communication and stakeholder management capabilities.

Work Environment

This role requires a strong on-site presence, with an expectation of four days per week in the office to support effective collaboration and engagement with cross-functional teams. Remote or field-based roles may follow different guidelines.

Equal Opportunity Statement

The hiring organisation is committed to equal employment opportunities and evaluates applicants without regard to legally protected characteristics.