Motorola Solutions
Senior Software Cybersecurity Engineer

How your CV stacks up
Upload your CV to see how well it fits this job role
?%
Company Overview
At Motorola Solutions, we believe that everything starts with our people. We’re a global close-knit community, united by the relentless pursuit to help keep people safer everywhere. We build and connect technologies to help protect people, property and places. Our solutions foster the collaboration that’s critical for safer communities, safer schools, safer hospitals, safer businesses, and ultimately, safer nations. Connect with a career that matters, and help us build a safer future.
Department Overview
The Senior Software Cybersecurity Engineer will be responsible for analysing software designs and implementations from a security perspective, identifying and proposing remediations to security issues throughout the software development lifecycle (SDLC).
Job Description
This role is mainly remote.
Responsibilities
Security Design and Implementation
- Perform threat modelling, risk assessments, and architecture reviews to identify and mitigate risk.
- Perform requirements analysis, security audits, and provide detailed mitigation recommendations specifically for Cloud and Container environments.
- Design, review, and enforce Key Management and Identity and Access Management (IAM) controls.
- Support the engineering teams on definition of detailed security requirements to meet compliance requirements and industry best practices.
- Perform security code reviews looking for potential security vulnerabilities.
- Act as a subject matter expert to advise and answer questions from engineering and compliance teams on technical product security matters.
Security Testing
- Define and oversee the deployment of Software Composition Analysis (SCA) tools to compile SBOMs of software components, helping to identify known vulnerabilities and license compliance violations.
- Define and oversee the deployment of automated security testing tools into CI pipelines, including Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), and Secret Detection scanning tools.
- Apply a basic level of knowledge and experience in manual network and application security testing to validate controls.
- Write custom scripts or unit test cases to check for vulnerabilities or broken/missing security controls.
- Recommend improvements to existing security scanning tools and processes, and propose new ones.
Vulnerability Management
- Drive vulnerability management with a strong focus on Kubernetes (K8s) infrastructure and container images.
- Periodically triage the findings from the automated security scanning tools.
- Validate potential security vulnerabilities to determine whether they are actual true positives, or false positives (i.e. non-applicable) in the product context. Write proof of concept exploits when necessary to achieve this.
- Assess the risk of vulnerabilities and threats in order to help the business determine their remediation priority order.
- Communicate the identified security issues to engineering and compliance stakeholders, and manage them throughout the SDLC process to ensure they are properly addressed.
SDLC and DevSecOps Integration
- Establish and maintain secure coding standards, baseline product security requirements and more general best practices to provide guidance to development teams.
- Assist the program area with implementing a secure Continuous Integration/Continuous Delivery (CI/CD) pipeline utilizing DevSecOps principles and practices to increase automation.
- Implement automated security controls as part of CI/CD pipelines.
Reasons to use Rodeo
I’m in my final year doing Economics and I don’t know whether to apply for grad schemes now or do a masters first. What do you think?
Honest answer — it depends on where you want to end up. A lot of top grad schemes (Big 4, civil service, banking) don’t need a masters. Let’s look at the ones you’d be competitive for now, and we can decide if a masters actually adds anything.
Also worth knowing: most autumn 2026 applications are open now. Timing matters more than you think.
Start with a chat, not a search bar
Grad scheme, placement, apprenticeship? Not sure what you want yet — that's fine. Your agent talks it through with you and turns "I have no idea" into a shortlist.
Graduate Consultant — 2026 Scheme
Why you're a good match
StrongYour economics background and your summer at a regional bank line up with what PwC looks for on the consulting scheme. Applications close in four weeks.
See breakdownIt searches the market for you
Every day your agent scans the market matching roles against what actually matters to you, not just keywords on a CV.
Why you're a good match
You’ve got the grades and the economics background, and your bank internship is exactly the experience this scheme looks for. Apply soon — deadlines close within the month.
Experience fit
Your summer at the bank plus your econometrics coursework map directly to the day-one responsibilities on this scheme — client modelling, market briefings, and deal support.
Only hits
No noise. No "maybe this fits." Just roles with a clear explanation of why they're right — and where to focus when applying.
Incident Response and Compliance
- Support product security incident response processes, including root cause analysis (identify the affected product components, data, and the overall impact level) and definition of mitigation strategies.
- Apply Detection Engineering principles, including the determination of baseline application security parameters and the creation/maintenance of application-level rules for IDS/IPS.
- Define clear criteria and protocols for security incident response, including creation of technical runbooks.
- Conduct post-incident analysis to compile lists of lessons learned, and measures to prevent similar incidents from reoccurring, and refine response strategies.
- Monitor emerging security threats, vulnerabilities, and trends to proactively investigate, remediate, and integrate new protections.
- Ensure products comply with relevant security standards, certifications, and regulations (e.g., OWASP, NIST).
Basic Requirements
Required Qualifications
Experience and Education
- 7+ years of experience in Security Engineering with a focus on product security and/or application security.
- Bachelor’s degree in Computer Science, Information Security, or a related technical field.
- Experience leading cybersecurity process change and mentoring on secure by design principles.
- Partnering with engineering teams to ensure secure coding practices and adoption of industry best practices.
- Proactively monitor emerging security threats, vulnerabilities, and trends to investigate, remediate, and integrate new protections.
- Drive continuous improvement of product security posture by identifying gaps and implementing solutions.
Technical Skills
- Strong knowledge of Cloud and Container security, including orchestration (e.g. AWS, Azure, Google Cloud, Docker, Kubernetes)
- Vulnerability Management lifecycle experience, specifically for cloud infrastructure and container images.
- Strong understanding of Key Management and IAM controls.
- Proven experience in designing and implementing threat modelling programs (e.g., STRIDE, PASTA, DREAD).
- Exceptional analytical and investigative skills, with hands-on experience in root cause analysis.
- In-depth knowledge of techniques, standards, and state-of-the-art authentication and authorization technologies, applied cryptography, security vulnerabilities and remediations.
- Strong knowledge of web-related protocols and technologies (HTTP, REST APIs), networking protocols (IP, TCP, UDP), and security protocols (TLS).
- Significant software development experience. Experience in Go and C#.
- Strong knowledge of security principles, best practices, and industry standards, such as NIST, ISO 27001, and CIS Critical Security Controls, OWASP ASVS and Testing Guides.
- Experience designing and implementing processes to integrate SCA, SAST, DAST, IAST, and RASP tooling as part of the SDLC and driving adherence.
- Experience with CI/CD pipeline, security tools integration.
- Experience with defining and enforcing technical security standards and controls.


Get help with your application
Your very own career expert that helps elevate your application to the next level.
Desirable Qualifications
Advanced Expertise
- Deep vulnerability analysis, research, and development of exploits to validate findings.
- Background in Web Application security.
- Advanced manual penetration testing skills in the domains of cloud infrastructure, web applications, embedded/OS, or mobile.
- Familiarity with security considerations for AI/ML systems is desirable.
- Understanding of distributed systems design, implementation and operation.
- Understanding of privacy threats and controls, including on how to adapt generic best practices to specific scenarios in the product by providing detailed specifications to stakeholders.
- Experience with SIEM, enterprise log collection and analysis platforms (e.g., Splunk, OSQuery).
Education and Certifications
- Master's degree or equivalent experience preferred.
- Cloud focus security certifications is a strong plus, especially CCAK, CCSP, AWS Certified Security - Specialty.
- Additional certifications are also relevant including OSCP, SANS/GIAC, CCSP, and CISSP.
Soft Skills And Leadership
- Excellent verbal and written communication, with the ability to translate complex security concepts to technical and non-technical stakeholders.
- Demonstrated ability to design, document, and implement new security processes.
- Experience in a high-growth technology environment or SaaS business.
- Ability to remain calm under pressure, especially during incidents or audits.
In Return For Your Expertise, We’ll Support You In This New Challenge With Coaching & Development Every Step Of The Way. Also, To Reward Your Hard Work You’ll Get
- Competitive salary and bonus schemes
- Two weeks additional pay per year (holiday bonus).
- 25 days holiday entitlement + bank holidays.
- Attractive defined contribution pension scheme.
- Private medical insurance.
- Employee stock purchase plan.
- Flexible working options.
- Life assurance.
- Enhanced maternity and paternity pay.
- Career development support and wide ranging learning opportunities.
- Employee health and wellbeing support EAP, wellbeing guidance etc.
- Carbon neutral initiatives/goals.
- Corporate social responsibility initiatives including support for volunteering days.
- Well known companies discount scheme.
Travel Requirements
- Under 10%
Relocation Provided
- None
Position Type
- Experienced
Referral Payment Plan
- Yes
Company
Motorola Solutions UK Limited
EEO Statement
Motorola Solutions is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion or belief, sex, sexual orientation, gender identity, national origin, disability, veteran status or any other legally-protected characteristic.
We are proud of our people-first and community-focused culture, empowering every Motorolan to be their most authentic self and to do their best work to deliver on the promise of a safer world. If you’d like to join our team but feel that you don’t quite meet all of the preferred skills, we’d still love to hear why you think you’d be a great addition to our team.
“It took my CV and asked me questions relevant to understanding what kind of jobs to suggest for me. Suggestions were almost perfect. Jobs were exactly what I’ve been looking for.”
Jessica, London
Skills
Location