Wayve
Automotive Product Security Lead

How your CV stacks up
Upload your CV to see how well it fits this job role
?%
The Role
As the Automotive Product Security Lead at Wayve, you will define, mature, and operate the product security framework for Wayve’s automotive software activities. This spans our internal R&D fleet, robotaxi programme, and automotive software supplied to OEM customers, with assurance expectations applied proportionately to each context. You will help ensure Wayve can develop, assure, and supply automotive software that meets appropriate cybersecurity expectations from internal governance, customers, regulators, and external assessors.
You will be trusted to determine what good looks like for automotive product security at Wayve, applying industry best practice with pragmatism and adapting it to our technology, risk profile, product maturity, and stage of growth. You will translate regulations, standards, customer expectations, and risk assessments into clear, practical requirements and ways of working that product and engineering teams can apply effectively.
This role sits within Security, but works in close partnership with product, engineering, safety, and customer-facing teams. This role sets standards, guides and advises, and assures implementation. Delivery teams apply the controls and processes, produce evidence and work products, maintain cybersecurity cases, and own residual risk.
This is a senior individual contributor role with broad cross-functional influence. You will be hands-on in establishing expectations, reviewing work products, advising teams, assessing cybersecurity case credibility, and challenging or escalating where evidence or risk gaps are not being addressed. As the capability matures, you will help scale repeatable processes, templates, metrics, and assurance mechanisms that allow Wayve to move quickly while maintaining the rigour expected for automotive software.
The role is advisory and assurance-focused in nature, providing oversight, challenge, and pragmatic guidance to the business while enabling product and engineering teams to meet automotive cybersecurity expectations without unnecessary friction.
Key Responsibilities
Automotive Product Security Framework & Strategy
- Define and maintain Wayve's automotive product security framework, aligned to ISO 21434, ASPICE for Cybersecurity, and customer assurance expectations.
- Establish practical processes, templates, guidance, and minimum control expectations for automotive cybersecurity activities across R&D fleet, robotaxi, and customer software programmes.
Programme Guidance & Coordination
- Act as the product security lead across automotive software activities, helping teams understand what security activities are required, when they are required, and what good evidence looks like.
- Coordinate product security activity across security, product, engineering, safety, and customer-facing teams to ensure dependencies, risks, and assurance needs are understood early.
Reasons to use Rodeo
I’m in my final year doing Economics and I don’t know whether to apply for grad schemes now or do a masters first. What do you think?
Honest answer — it depends on where you want to end up. A lot of top grad schemes (Big 4, civil service, banking) don’t need a masters. Let’s look at the ones you’d be competitive for now, and we can decide if a masters actually adds anything.
Also worth knowing: most autumn 2026 applications are open now. Timing matters more than you think.
Start with a chat, not a search bar
Grad scheme, placement, apprenticeship? Not sure what you want yet — that's fine. Your agent talks it through with you and turns "I have no idea" into a shortlist.
Graduate Consultant — 2026 Scheme
Why you're a good match
StrongYour economics background and your summer at a regional bank line up with what PwC looks for on the consulting scheme. Applications close in four weeks.
See breakdownIt searches the market for you
Every day your agent scans the market matching roles against what actually matters to you, not just keywords on a CV.
Why you're a good match
You’ve got the grades and the economics background, and your bank internship is exactly the experience this scheme looks for. Apply soon — deadlines close within the month.
Experience fit
Your summer at the bank plus your econometrics coursework map directly to the day-one responsibilities on this scheme — client modelling, market briefings, and deal support.
Only hits
No noise. No "maybe this fits." Just roles with a clear explanation of why they're right — and where to focus when applying.
Cybersecurity Case Assurance
- Define the minimum expectations, structure, and quality bar for Wayve's automotive cybersecurity cases.
- Provide independent review of required work products, traceability and completeness, residual risk statements, and the overall credibility of the cybersecurity case.
- Assess whether the cybersecurity case provides a defensible argument that the relevant system or software is acceptably secure for its intended context.
Product Security Risk Governance
- Establish mechanisms for product cybersecurity risk visibility, challenge, escalation, and decision-making across automotive programmes.
- Partner with risk owners to ensure residual product cybersecurity risks are clearly documented, treatment options are understood, remediation is tracked, and acceptance decisions are made by the appropriate accountable owners.
- Challenge and escalate where risk, evidence, or delivery gaps are not being addressed appropriately.
Regulatory, Customer & OEM Readiness
- Translate automotive cybersecurity regulatory, standards, and customer expectations into practical internal requirements and assurance activities.
- Support preparation for external audits, customer assessments, and OEM reviews where product cybersecurity evidence is required.
- Represent Wayve credibly in product security discussions with customers, partners, and external assessors.
Secure Development Enablement
- Advise and upskill product and engineering teams on automotive cybersecurity practices, including TARA, cybersecurity requirements, secure architecture, implementation evidence, verification, validation, and security testing expectations.
- Build reusable guidance and playbooks that help teams integrate product security into existing development processes without duplicative or unnecessary process overhead.
Metrics, Reporting & Continuous Improvement
- Develop meaningful metrics that demonstrate automotive product security maturity, assurance readiness, evidence quality, risk treatment progress, and recurring areas of weakness.
- Provide clear reporting to security, product, engineering, and other senior stakeholders, using evidence and judgement to drive continuous improvement in Wayve's product security capability.
About You
To set you up for success as Automotive Product Security Lead at Wayve, we’re looking for the following skills and experience.
Essential
- Proven experience in a senior product security, automotive cybersecurity, embedded systems security, or security assurance role, with accountability for influencing security outcomes across complex technical programmes.
- Strong knowledge of automotive cybersecurity expectations, particularly ISO 21434 and UNECE R155.
- Experience defining, applying, or assessing cybersecurity lifecycle activities and work products, including TARA, cybersecurity goals, cybersecurity requirements, verification and validation evidence, and residual risk treatment.
- Strong technical judgement across software security, embedded or vehicle systems, secure architecture, threat modelling, security testing, and risk assessment.
- Experience reviewing or contributing to cybersecurity cases, assurance cases, technical evidence packs, or comparable structured security arguments.
- Excellent judgement and independence, with confidence challenging issues while maintaining constructive working relationships.
- Experience partnering with product, engineering, delivery, safety, legal, security, supplier, or customer-facing teams to deliver proportionate and effective security outcomes.
- Strong written and verbal communication skills, able to translate standards, risks, and assurance expectations into clear, practical guidance for technical and non-technical stakeholders.
- Comfort operating with high autonomy in a fast-moving, ambiguous environment where the right level of process needs to be designed, not simply inherited.


Get help with your application
Your very own career expert that helps elevate your application to the next level.
Desirable
- Experience establishing or scaling a product security or automotive cybersecurity capability in a growing or fast-moving organisation.
- Experience with OEM customer assurance, external audits, cybersecurity certification, type approval, or independent assessment activity.
- Familiarity with ASPICE, ISO 26262, ISO 21448 / SOTIF, or safety-security interface management.
- Experience with autonomous vehicles, ADAS, robotics, safety-critical software, automotive software platforms, vehicle networks, OTA update systems, or fleet operations.
- Experience managing product-security-relevant supplier assurance, supplier evidence, or third-party cybersecurity risk in an automotive context.
- Relevant certifications or training, such as ISO 21434, CISSP, CSSLP, GICSP, or automotive cybersecurity training.
This is a full-time role based in our offices in London, Sunnyvale, or Leonberg. At Wayve, we want the best of all worlds, so we operate a hybrid working policy that combines time together in our offices and workshops to fuel innovation, culture, relationships, and learning, and time spent working from home. We operate core working hours so you can determine the schedule that works best for you and your team.
“It took my CV and asked me questions relevant to understanding what kind of jobs to suggest for me. Suggestions were almost perfect. Jobs were exactly what I’ve been looking for.”
Jessica, London
Skills
Location