Find your future role
Product Cyber Resilience Manager (Test Solutions)
As a Product Cyber Resilience Manager specializing in Test Solutions, your primary responsibility is to fortify and safeguard our products against cyber threats.
Key skills required for this role
Cyber Product Safety, Product Cyber Resilience, Systems Development Life Cycles, V-Model, Software Development Life Cycle, Agile Frameworks, Security Cleared
Position subject to security clearance and proof of 5-year UK residency.
At Leonardo, we are excited to offer an exceptional opportunity for you to make a senior-level contribution to the design and certification of our expanding portfolio of world-class Mission Critical and Flight Safety Involved Airborne Systems. As a valued member of the Engineering Governance organization, working within the Test Solutions function, you will have the unique responsibility of determining a certification basis that aligns with security requirements. Ideally, you will bring practical experience with ISO27001/27004/27005 or the NIST Risk Management Framework (RMF), knowledge of UK/NATO Information Assurance/Accreditation frameworks, and familiarity with the application of cyber resilience controls to embedded systems.
You will play a vital role in our Test Solutions team, supporting the Radar and Advanced Targeting product lines. Working alongside the Head of Engineering Projects for Test Solutions, you will assist in developing security and engineering management plans, working closely with each Integrated Product Team (IPT). Your guidance will lead engineering teams within the IPTs through the product lifecycle, overseeing the certification process on behalf of the System Design Authority, and ensuring certification/accreditation of the Test Solution. You will also provide subject matter expertise during product maturity reviews, all while adhering to the principles of Secure by Design.
A significant aspect of this role is the continuous improvement of the cyber resilience of our products. Leonardo is committed to supporting your professional development as well as enhancing the business's process capability. Many of our products are on the cutting edge, incorporating innovative technologies such as AI/ML, Autonomy, High-assurance multicore processing, Electro-Optics, and Model-Based Systems Engineering. Here, you will have the opportunity to contribute to and learn from these exciting advancements.
Leonardo's RATS Line-of-Business (LoB) products encompass sensor and defensive applications, including Laser Directed Energy Weapons (LDEW), Infrared Countermeasure (IRCM), Fire Control Radar, Surveillance Radar, and other Non-Kinetic Effects products. You will be actively involved in major UK and Global programs such as Eurofighter Typhoon and the Global Combat Air Program, alongside numerous Crewed and Un-Crewed Airborne Platforms worldwide.
What You Will Do:
On a daily basis, you will work closely with the Test Solutions engineering delivery disciplines and IPTs to meet contractual and regulatory cyber resilience requirements. These requirements are crucial for systems that support and deliver assurance activities for airborne systems, including Mission Critical and Flight Safety involved systems, often with demanding safety and security requirements themselves. Your responsibilities will include:
- Producing Security Management Plans, work package descriptions, and cost estimates to support product bids, services, and proposals.
- Reviewing and providing guidance on security risk assessments, risk mitigation plans, mitigation gap analysis, and security management documentation for system Accreditation, such as solution hardening guidance and security operating procedures.
- Defining product security requirements, advising development teams on suitable implementation standards and techniques, and overseeing product development activities.
- Collaborating with Security Accreditors and Security Assurance Coordinators in support of security Accreditation.
- Participating in internal and external discipline working groups and working with academic partners covering Product Cyber Resilience and Product Security for various established and emerging standards.
- Contributing to the continual improvement of the engineering capability within the RATS LoB.
Skills, Qualifications & Knowledge - What We Are Looking For:
In broad terms, we seek candidates with the following qualities:
- Practical experience in developing a security or safety risk management system for complex products based on a recognized framework in a highly regulated industry such as aerospace, nuclear, automotive, rail, or oil & gas.
- Practical experience with the System Development Life Cycle, Software Development Life Cycle, V-Models, and Agile frameworks.
- Effective and flexible communication and interpersonal skills.
- Ability to interact with subject matter experts on a wide range of technical and operational topics.
- Excellent written and verbal communication skills, with the ability to coach and develop others.
- Ability to obtain SC security clearance and work within UKEO and US ITAR TAA restrictions.
- A passion for promoting and improving the safety and security of complex systems.
It would be desirable, though not essential, if you also had experience with one or more of the following:
- Practical experience with ISO27001/27004/27005 or NIST Risk Management Framework (RMF).
- Knowledge of UK/NATO Information Assurance/Accreditation frameworks.
- Familiarity with the application of cyber resilience controls to embedded systems