Product Cybersecurity Engineer / Specialist
Quick Summary
Job Description Location: Harwell,
We are seeking an experienced Product Cybersecurity Engineer to lead and support cybersecurity activities across our spectroscopy and vacuum product portfolio. This role is critical to ensuring our products meet evolving global cybersecurity regulations, customer requirements, and industry best practices—particularly in regulated markets such as aviation security, customs & borders, pharmaceuticals, and defence.
You will work cross-functionally with R&D, Product Security, Agilent IT , Sales, and Marketing teams, ensuring cybersecurity is embedded throughout the product lifecycle—from design and development through to deployment and ongoing support.
You will report to the R&D Software Manager as part of the team responsible for writing the software/firmware that runs our instruments but it is expected that this will be a cross-functional and cross-product role.
The role will be based out of our Harwell, Oxfordshire office in the UK. There is some expectation to be on-site for hands-on work with our products, but we operate a hybrid model (2-3 days working from home, 2-3 days on-site) as a standard option.
Responsibilities
~1 min read- Interpret and apply global cybersecurity and privacy regulations (e.g. GDPR, EU Cyber Resilience Act). Aligning approach with Legal and the CISO organisation.
- Act as product line lead for EU CRA readiness, including:
- Product cybersecurity documentation
- Policy and procedure development
- Coordination and collaboration with product teams and central security functions
- Own and track remediation plans to ensure continued product compliance.
- Maintain and review cybersecurity requirements aligned to target markets (e.g. defence, aviation, customs).
- Ensure products are GDPR compliant.
- Support Sales and Marketing with cybersecurity content for tenders and bids:
- Contribute to cybersecurity whitepapers and standard documentation
- Provide technical input for tender compliance submissions
- Participate in customer-facing cybersecurity discussions, where needed.
- Review customer and regulatory documentation and translate requirements into product development inputs.
- Stay aligned with industry developments and best practices.
- Ensure products meet:
- Internal Agilent security policies and procedures
- External regulatory and customer requirements
- Drive a proactive cybersecurity approach within product development.
- Conduct or support cybersecurity testing and assessments, identifying vulnerabilities and providing reports.
- Collaborate with R&D to:
- Analyse vulnerabilities
- Identify false positives and controls
- Conduct threat modelling
- Define, implement and track remediation plans
- Provide technical guidance on:
- Encryption and key management
- Patch management
- Identity and user management
- Contribute to infrastructure security (e.g. certificate and secret management).
- Support secure product configuration tailored to customer needs.
- Drive adoption of DevSecOps practices, including:
- CI/CD security integration
- Automated vulnerability scanning (e.g. Nessus)
- Implement and maintain:
- Static Application Security Testing (SAST)
- Dynamic Application Security Testing (DAST)
- Software Composition Analysis (SCA)
- Lead Software Bill of Materials (SBOM) creation and management in the spectroscopy and vacuum product lines.
- Perform application security and penetration testing in collaboration with the internal Product Security Program team.
- Secure Windows 10/11 IoT-based embedded systems, including:
- Group policy and registry hardening
- Attack surface reduction (services, ports, etc.)
- Patch and update management
- Endpoint protection and antivirus
- Mobile Device Management (e.g. Intune)
- Implement Microsoft security features such as:
- BitLocker, AppLocker, Unified Write Filter (UWF)
- Support development and maintenance of embedded OS images.
- (Desirable) Knowledge of Embedded Linux security.
- Monitor emerging threats, vulnerabilities, and regulatory changes.
- Ensure products remain secure throughout their lifecycle.
- Promote continuous improvement in cybersecurity practices.
- Manage OS patching and release cycles for product platforms.
- Maintain secure embedded OS builds (e.g. FFU images).
- Ensure regular:
- Vulnerability scanning (e.g. Nessus)
- Security testing and validation
- Support CI/CD environment hardening and security patching.
Requirements
~1 min read- Bachelor’s or master’s degree or equivalent
- Proven experience in product cybersecurity or application security – typically 4+ years relevant experience.
- Strong understanding of:
- Secure software development lifecycle (SSDLC)
- Vulnerability management and remediation
- Regulatory compliance (GDPR, EU CRA, emerging EU and global regulations)
- Hands-on experience with:
- Security testing (SAST, DAST, SCA)
- Penetration testing or vulnerability analysis
- Threat modelling
- Knowledge of Windows OS security (preferably embedded/IoT variants).
- Experience working with cross-functional engineering teams.
- Relevant cybersecurity certifications (e.g. CISSP, CompTIA PenTest, ISC2 CSSLP would be beneficial
- Familiarity with DevSecOps tools and CI/CD pipelines
- Experience with:
- Nessus or similar scanning tools
- Software Bill of Materials (SBOM)
- Embedded Linux security knowledge.
- Exposure to regulated industries (defence, aviation, pharma, border security).
- Experience leveraging modern AI-assisted tools (e.g. Copilot, LLMs) to enhance secure development, documentation, and cybersecurity analysis while applying appropriate engineering judgement and data security controls
- Strong analytical and problem-solving skills
- Ability to translate regulations into actionable engineering requirements
- Excellent communication skills, including customer-facing interactions
- Proactive, self-driven, and detail-oriented
- Comfortable working across multiple stakeholders and geographies
What We Offer
~1 min readLocation & Eligibility
Listing Details
- Posted
- June 1, 2026
- First seen
- June 6, 2026
- Last seen
- July 6, 2026
Posting Health
- Days active
- 0
- Repost count
- 0
- Trust Level
- 27%
- Scored at
- June 6, 2026
Signal breakdown
Please let agilent know you found this job on Jobera.
4 other jobs at agilent
View all →Explore open roles at agilent.
Similar Security Engineer jobs
View all →Browse Similar Jobs
Stay ahead of the market
Get the latest job openings, salary trends, and hiring insights delivered to your inbox every week.
No spam. Unsubscribe at any time.