Principal Product Security Engineer at NAVANTIA UK
Bristol, England, United Kingdom
Full Time


Start Date

Immediate

Expiry Date

09 Jul, 26

Salary

0.0

Posted On

10 Apr, 26

Experience

10 year(s) or above

Remote Job

Yes

Telecommute

Yes

Sponsor Visa

No

Skills

Cyber security, Secure-by-design, Information assurance, IT/OT architecture, Threat modelling, Risk assessment, TEMPEST, Def Stan, IEC 62443, NIST, Network zoning, Identity and access management, Security accreditation, Vulnerability assessment, Penetration testing, Incident response

Industry

Shipbuilding

Description
Company Description

Navantia UK is a new force in British industry, supporting the UK's defence, security and energy transition ambitions. We're doing this by creating state-of-the-art sovereign defence capabilities, investing in the UK to modernise industrial facilities, and bolstering the nation's energy security.

Established in 2022, Navantia UK is a subsidiary of Navantia SA, a Spanish state-owned company with over 300 years of naval shipbuilding history. In January 2025, Navantia UK completed the acquisition of Harland & Wolff and its four historic facilities in Belfast, Appledore, Methil, and Arnish. By combining Harland & Wolff's proud heritage and facilities with Navantia's global expertise, Navantia UK is well-positioned to strengthen Britain's defence, maritime and energy industrial capabilities, supporting jobs and economic growth across the UK.

Job Description

Navantia UK is a leading provider of innovative naval solutions, specialising in the design, construction, and lifecycle support of naval ships. As part of the global Navantia Group, we are committed to delivering cutting-edge technologies and world-class services across the maritime sector. Based in Bristol, we are seeking a passionate Principal Product Security Engineer to join our team and play a pivotal role in the security of our designs and related current and emerging technology solutions on advanced next generation naval and government ships.

This role is offered on a full-time basis, but we also welcome applications from candidates with the right skills who are interested in part-time working.

The Opportunity

Based in Bristol, the Principal Product Security Engineer is responsible for defining, implementing, and assuring the security strategy for defence shipping and the Fleet Solid Support Programme.
This role ensures that cyber security, information assurance, and secure-by-design principles are embedded across both the platform (ship) design and the IT/OT architecture throughout the full engineering lifecycle. The role operates at the intersection of naval architecture, marine systems engineering, combat/logistics support systems, and enterprise IT/operational technology (OT), ensuring compliance with MOD security policies and relevant maritime cyber regulations.

Duties

Security Leadership & Strategy
- Develop and maintain the Product Security Management Plan (PSMP) for the vessel programme, covering all aspects of security.
- Define the security architecture strategy for both ship systems (OT) and IT networks.
- Act as the security authority within the Integrated Project Team (IPT).
- Provide leadership on secure-by-design principles across naval platform development.

Secure Ship Design Integration
- Ensure security requirements are embedded into programmable elements and systems, including but not limited to:
  - Platform management systems
  - Navigation systems
  - Propulsion and machinery control systems
  - Communications systems (internal & external)
  - Mission/logistics systems (if applicable)
- Conduct threat modelling and risk assessments for marine and hybrid IT/OT environments.
- Define physical security requirements and access controls.
- Support management of TEMPEST where required.
- Support design reviews (SRR, PDR, CDR) with formal security assurance inputs.
- Ensure compliance with relevant standards (e.g., Def Stan, NCSC guidance, IEC 62443, NIST, IMO cyber guidance).

IT & OT Architecture Security
- Define secure network zoning and segregation between:
  - Operational Technology (OT)
  - Information Technology (IT)
  - Communications systems
- Approve system boundary definitions and trust zones.
- Ensure secure configuration baselines for onboard systems.
- Oversee secure integration of third-party vendors and subcontractors.
- Define Identity and Access Management (IAM) and privileged access strategies for afloat systems.

Risk, Assurance & Compliance
- Lead security risk management in alignment with MOD/NCSC frameworks.
- Manage security risk registers and treatment plans.
- Coordinate accreditation and authority-to-operate activities.
- Support JSP 440 / JSP 604 compliance activities.
- Provide evidence for security case development and formal assurance reviews.

Supply Chain & Third-Party Security
- Define security requirements within supplier contracts.
- Conduct supplier security assessments.
- Ensure secure development practices across the supply chain.
- Validate SBOMs (Software Bill of Materials) where required.

Testing & Validation
- Define security test strategies including:
  - Vulnerability assessments
  - Penetration testing
  - Factory Acceptance Testing (FAT) security scope
  - Harbour and Sea Trial cyber validation
- Oversee remediation of identified vulnerabilities.
- Ensure secure configuration prior to vessel acceptance.

Incident Preparedness & Operational Security
- Define onboard cyber incident response requirements.
- Ensure monitoring and logging architecture supports detection and forensic investigation.
- Contribute to lifecycle security planning, including in-service support.

Qualifications
- Significant experience in cyber security within defence, maritime, or critical infrastructure environments.
- Experience in both the application of security accreditation and Secure by Design in a UK MOD environment.
- Experience securing complex IT/OT systems.
- Strong understanding of secure systems engineering principles.
- Experience working within MOD or defence regulatory frameworks.
- Demonstrated experience leading security through engineering design reviews.
- Knowledge of maritime systems and shipboard integration challenges.
- Strong understanding of network architectures, design and operation.
- Experience in the application of TEMPEST measures to design including use of Def-Stan 08-050 and 59-411, NCSC GPG14 and SDIP-29.
- Knowledge of maritime facility requirements for handling of high and extremely high classified data, e.g. STRAP, in line with UK MOD and NCSC requirements.

Additional Information

On Offer
- Competitive base pay
- Company pension
- 33 days holiday
- Life assurance
- Health care cash plan (optional)
- Cycle to work scheme (optional)

We are an Opening Doors employer, committed to equal opportunity and an inclusive workplace. Our approach is shaped by our values of service, trust, excellence, agility, dedication, and you; we focus on removing barriers and recognising potential. We are committed to fairness at every stage, including providing reasonable adjustments and actively working to eliminate discrimination. We believe talent is everywhere, and by widening access to opportunity and welcoming diverse experiences, we aim to create a workplace where every person feels valued and has an equal chance.

If you experience difficulties or are unable to apply for a role on-line, please contact us at [email protected] and one of the team will be in contact to help you.

Location: Bristol
Department: IT & Security
Employment Type: Permanent
Responsibilities
The Principal Product Security Engineer will define and implement security strategies for naval vessels, ensuring secure-by-design principles are integrated across IT and OT architectures. This role involves leading security risk management, conducting threat assessments, and ensuring compliance with MOD and maritime security standards throughout the engineering lifecycle.