Let’s be honest: most “application security” roles either sit too far from delivery… or turn into checkbox exercises.

This one doesn’t.

We’re looking for a Product Security Engineer who wants to be embedded with engineers, shaping how secure software is actually built - not just reviewing it after the fact.

You’ll sit within Cyber Security, but day-to-day you’ll be part of the Digital team, working shoulder-to-shoulder with developers, product managers, architects and DevOps engineers.

Your job? Make security the default, not the blocker.

The Role (In Plain English)

You’ll be the go-to person for application and product security across the full SDLC - from early design conversations through to production and beyond.

This is a hands‑on role. You’ll threat model with teams, review designs, help fix vulnerabilities, improve pipelines, and continuously raise the bar for how secure our products are.

You won’t be throwing report...