Share this Job
Apply now »

REQ ID: 56369
JOB TITLE: Product Security Engineer
SALARY: Competitive
POSTING END DATE: 15/04/2021
LOCATION: Manchester 
Dreaming for tomorrow is about more than ideas and ambitions. We’re already building the next generation of vehicles, using repurposed and brand-new technology and techniques. We’re doing more than dream, we’re creating the future of mobility and automotive for years to come.





We are looking for someone who will help us realise our business vision for a cloud-agnostic IoT platform that will provide our customers, suppliers and partners with seamless connected services delivered through an industry-leading global platform that will generate new income streams for our business and also help drive down costs through the use of data analytics.


You will form part of a collaborative, iterative and agile process in a multi-disciplined team helping deliver best in class digital solutions. This role provides a unique opportunity to help support and grow the software engineering and DevSecOps capability within Jaguar Land Rover.


Reporting to the Principal Security Architect and working closely with other multi-disciplined engineers, you will be a valued member of the team, consistently delivering to challenging business objectives, with a focus on the automated and manual security testing of our exciting new projects. You will work on real projects alongside experienced engineers and have constant opportunities to learn. This role sits within the software development centre for digital engineering in Manchester.



Key Performance Indicators:


  • Development of an application security pipeline that is tailored to each of our development teams’ needs.
  • Identification and deployment of security tooling to meet a technology need where it currently doesn’t exist.
  • Development and maintenance of any self hosted security tooling.
  • Product security vulnerabilities are visible, via dashboards, and reduced over time.



Key Accountabilities and Responsibilities:


  • Work with product development teams to ensure their products are free from security vulnerabilities throughout their lifecycle
  • Drive initiatives to automate security processes and reduce toil on development teams
  • Review all Application Security (AppSec) tools and ensure their suitability; identifying alternative tooling where required
  • Work with product teams to build security configurations that are tailored to their environments
  • Build out monitoring and dash-boarding for application security observability
  • Be a strong advocate for DevSecOps practices across the team
  • Conduct manual vulnerability tests to validate the outputs of automated scans
  • Support product development teams in their preparation for and during formal pen tests




Knowledge, Skills and Experience



  • Experience of automated and manual AppSec testing practices and principles
  • Good knowledge of common application and infrastructure security vulnerabilities and mitigations 
  • Experience in configuring and operating security vulnerability tooling covering areas such as static and dynamic application security tools, dependency checking, image/container scanning, secrets detection and fuzzing.
  • Experience with source code management and version control (Git/GitHub/GitLab)
  • Experience with modern CI/CD tools and techniques
  • Experience of scripting languages (e.g. Python, Bash)
  • Excellent verbal and written communication skills
  • Collaborative skills - being open to pair programming and working closely with engineers in cross functional teams
  • Good automation skills, including experience with unit testing and automated testing tools
  • Basic understanding of networking concepts, technologies, and protocols (TCP/IP, IPSec, HTTP, FTP, DHCP, and DNS)


  • Previous involvement in all stages of the software delivery lifecycle
  • Some experience of at least one major cloud provider (GCP, AWS, Azure) and ideally Kubernetes experience





Bring all this to the home of premium innovation, and you’ll find the opportunities to further your career with a world-class team, a discounted car purchase and lease scheme for you and your family, membership of a competitive pension plan and performance related bonus scheme. All this and more makes Jaguar Land Rover the perfect place to continue your journey.


Please be aware that we may close this vacancy for applications before the stated deadline if we receive a high volume of interest. We strongly advise you to submit your application as early as possible. Jaguar Land Rover is committed to equal opportunity for all.






Jaguar Land Rover has long pushed the boundaries of technology. Now digital innovation lies at the heart of our business – because it is central to our future strategy. We are focused on the development of electric, connected and driverless cars that will reshape the whole industry. Joining us is your chance to help redefine who we are and where we’re going.

Find out more about working here in our JLR Life Blog:

We look after our employees by offering a host of benefits and investing in their talent through award-winning training.



Can't find a suitable opportunity or interested in other options with our Suppliers and Partners?

Job Segment: Engineer, Developer, Product Development, Cloud, Engineering, Technology, Research, Automotive

Apply now »