Lead Security Engineer

Role overview

This position sits within the software test and QA function and focuses on strengthening software security across development teams. You will help ensure that scrum teams follow the agreed software security development lifecycle, meet relevant regulations and industry standards, and continuously improve the way security is built and validated into software. The role also involves monitoring the health of implemented software systems, advising scrum teams, and supporting compliance with software security quality policies and procedures.

Dyson offers a collaborative environment that encourages new approaches and continuous capability building. The team is looking for someone eager to expand security test strategies across multiple product areas, including Lighting, Environmental, Hair, and Robotics. A strong understanding of software verification methods and techniques is important, along with prior exposure to security testing and comfort with high-level technical discussions with developers.

Key responsibilities

• Apply advanced software security methods in line with the technical reference architecture.
• Carry out ongoing penetration testing and code review work, using both automated and manual approaches to uncover and exploit vulnerabilities in IoT consumer products.
• Create penetration testing approaches that combine automated and manual tools.
• Align on the required security level with the organisation and turn requirements into test coverage.
• Develop automated systems that support continuous testing and analysis of nightly builds.
• Support the design, development, implementation, and integration of offensive cyber operations tools for platforms, payloads, and systems.
• Identify security risks early and produce engineering designs that reduce software security vulnerabilities.
• Collaborate within a SAFe Agile team operating across a global organisation.
• Advise team members on secure coding practices.
• Build familiarity with new tools and current best practices.

Qualifications, skills, and behaviours

• Background in cyber security, including penetration testing, security posture assessments, cloud security assessments, IoT security, vulnerability analysis, and risk assessment.
• Hands-on experience with scanning, attacking, and assessment tools and methods.
• Ability to code or script in at least one language such as Python, C, or C++.
• Strong knowledge of wireless protocols, including Wi‑Fi, Bluetooth, JTAG, and USB.
• Good working knowledge of security concepts for IoT, Linux, and RTOS operating systems.
• Experience with test management and collaboration tools such as Jira, Confluence, Stash, Git, and Bamboo.
• Capability to contribute meaningfully at every stage of a new feature’s design and development.
• A persistent, curious, and outcome-focused mindset.
• Creative, product-oriented thinking with the ability to generate multiple ideas for new technologies.
• More than 3 years of relevant experience in software quality or software testing.
• Bachelor’s degree in Computer Engineering, Electronic Engineering, or a related field.
• Experience with IoT software such as embedded, app, and cloud components.
• Exposure to regulated environments and standards such as ISO, IEC, and FDA.
• Experience working in Agile software development and DevOps environments.
• Strong attention to detail, communication skills, and the ability to work independently as well as in teams.
• Comfort working in a fast-moving environment and delivering quality with minimal supervision.
• Understanding of the software security development lifecycle.
• Working knowledge of statistical process control, including selecting and applying product and process metrics, analysing results, and communicating findings.
• Advanced CREST certification.

Equal opportunity statement

Dyson is an equal opportunity employer. Hiring decisions are made without regard to race, colour, religion, national or ethnic origin, sex, sexual orientation, gender identity or expression, age, disability, protected veteran status, or any other protected characteristic. Applications from all backgrounds are welcomed.