Job Title

Salaryup to £60,000 depending on experience. LocationWotton-under-Edge, Glouc. (no public transport available) Hybrid working3 days/week onsiteTo bring greater focus to our product security engineering activities, the Product Security Engineering Lead will be responsible for guiding and working with Renishaws product divisions to identify, assess, and mitigate security vulnerabilities in software and associated hardware products. They will work closely with development teams to integrate security practices into the software development lifecycle (SDLC) and help ensure products are secure and compliant with relevant standards and regulations, including the Cyber Resilience Act. Responsibilities Assess, establish and maintain clear guidelines and best practices for secure coding, vulnerability management, and incident responseDevelop and maintain product security risk assessment processes, providing support and guidance to project teamsDevelop scanning and review processes to discover security vulnerabilities and devise mitigation strategies, as well as report and resolve technical debtServe as a Subject Matter Expert (SME) in product security for projects during development phases, providing information security consulting and recommendations, and ensuring the implementation of approved security requirementsCollaborate with developers and their teams to ensure security is integrated at every stage of the software development lifecycleGuide teams to automate security scans and tests and implement secure coding practices, ensuring product compliance with regulatory standardsWork with DevOps leads to ensure security tools and processes are integrated into their DevOps pipelinesMonitor and assess the effectiveness of the implemented cybersecurity controlsCoordinate activities with the owning product divisions when vulnerabilities are reported by 3rd parties, and guide the responseWork with development teams to remediate security vulnerabilities and prevent future incidentsTrack and address security issues effectively, ensuring timely remediation and patchingDocument and report results of the cybersecurity program to stakeholdersOrganise, design and deliver cybersecurity training and awareness-raising activitiesShare product security learning with the operational security team, and vice-versaStay updated on the latest security threats, trends and best practicesIdentify opportunities to incorporate AI tooling into the development lifecycle, selecting and taking forward the most promising use casesThe successful candidate will have the following expertise and skills Bachelors / Masters degreeor equivalent work experiencein Computer Science, Information Security, Business, or a related fieldcirca 3 years of work experience in cybersecurity, especially in an information risk analysis, security engineering or security architecture roleKey requirements Experience in performing penetration testing, secure code review, software composition analysis, static, dynamic and manual code reviewExperience identifying and remediating common vulnerabilities, such as OWASP Top 10Hands-on experience with security scanning toolsProven experience in secure coding practices and vulnerability assessmentExperience securing hardware products controlled by software would be an advantageExperience applying AI to security and development use casesFamiliar with threat modelling frameworks, and having experience with automated toolsKnowledge and skills Excellent communication and collaboration skills to work effectively with cross-functional teamsProficient in programming languages such as C/C++, Python, Java, etc.Able to handle multiple concurrent tasksStrong analytical and problem-solving skillsBenefits When you join Renishaw, we're committing to your future career. That's because we believe in developing our people's skills and promoting them internally. We also offer a benefits package that's highly desirable; including a 9% non-contributory pension, discretionary annual bonus, *subsidised onsite restaurants and *coffee shops, free parking, *car sharing scheme and *24 hour fitness centres. (not available at all sites ). We also want to promote a healthy work-life balance as much as possible, so we have introduced a hybrid working policy which allows for a combination of home and office based working depending on the nature of your role. We also offer a variable working programme, 25 days holiday plus bank holidays, Life Assurance policy of 12 times annual salary, Cycle to Work scheme, enhanced maternity pay subject to qualifying criteria, Health Cash Plan, the option to join BUPA Renishaw Health Trust and an Employee Assistance Programme for employees and family.TPBN1_UKTJ