Product Security Engineer - Rolls Royce

Key Responsibilities

• Lead threat modeling and risk assessments for new and existing products.
• Integrate security requirements and controls into the software development lifecycle.
• Conduct secure code reviews and static/dynamic analysis for Python and C++ codebases.
• Identify, triage, and remediate vulnerabilities across on‑premise and cloud environments.
• Collaborate with cross‑functional engineering teams to define security standards and best practices.
• Automate security testing and compliance checks within CI/CD pipelines.

Requirements

• Bachelor's degree in Computer Science, Engineering, or related field with 3+ years of product security experience.
• Strong knowledge of threat modeling methodologies (e.g., STRIDE, PASTA) and secure coding practices.
• Proficiency in Python and C++ development and associated security tooling.
• Hands‑on experience with DevSecOps tools such as SAST, DAST, container security, and cloud security platforms (AWS, Azure, or GCP).
• Excellent communication skills and ability to influence engineering teams on security decisions.