Principal Platform Engineer (Privileged Access Management)

Responsibilities

• Leonardo UK is seeking a Principal Platform Engineer to join the Cyber & Security Solutions Division team. This role is focused on delivering, maintaining, and improving platform and systems engineering solutions that underpin critical defence, government and public sector services.
• What you will do as a Principal Platform Engineer
• Act as the technical authority on one of our platform engineering domains (e.g. virtualisation) providing specialist domain expertise to projects and programmes.
• Lead the design and implementation of secure platforms across on-premise, hybrid, and cloud environments.
• Capture, analyse, and interpret complex customer requirements to drive system design and architecture.
• Develop high- and low-level designs, ensuring alignment with secure-by-design principles.
• Take ownership of technical delivery within work packages, including planning, estimation, and progress reporting.
• Mentor, coach, and develop junior and senior engineers, raising technical capability across the community.
• Provide input to technology strategies, feasibility studies, and innovation projects.
• Engage with internal and external stakeholders, presenting technical solutions and justifying design decisions.

Requirements

• Extensive technical expertise across multiple platform domains, with a track record of delivering secure solutions.
• The ability to balance hands-on engineering with technical leadership and mentorship.
• A problem-solving mindset, able to innovate and recommend the best approach for complex challenges.
• Core areas (must have):
• Windows and Linux operating systems
• Virtualisation platforms (VMware, Hyper-V)
• Privileged Access Management concepts and implementation (CyberArk or similar)
• Secure credential storage, rotation, and access control models
• Integration of PAM into enterprise platforms and services
• Networking concepts (TCP/IP, DNS, DHCP, firewalls)
• Automation and scripting (PowerShell, Bash, Python, Ansible, Terraform)
• Knowledge of cyber security controls and accreditation requirements
• Experience across the systems engineering lifecycle
• Design and implementation of privileged access models across complex systems
• Delivery within highly controlled / secure environments (e.g. air-gapped, defence)
• Desirable:
• Expertise with cloud platforms (AWS, Azure) and Infrastructure as Code
• Experience integrating enterprise services (Active Directory, PKI, monitoring, SIEM)
• Hands-on use of DevSecOps tools and CI/CD pipelines
• Automation of account onboarding/offboarding (API-driven)
• Integration with SIEM / SOC tooling for audit and monitoring
• Containerisation platforms (Kubernetes, Docker)
• Experience working with enterprise identity and access management solutions
• Security Clearance
• Location
• This role can be based at one of our UK sites Yeovil.
• Why join us
• At Leonardo, our people are at the heart of everything we do. We offer a comprehensive, company-funded benefits package that supports your wellbeing, career development, and work-life balance.
• Time to Recharge: Generous leave with the opportunity to accrue up to 12 additional flexi-days each year.
• Secure your Future: Award-winning pension scheme with up to 15% employer contribution.
• Your Wellbeing Matters: Free access to mental health support, financial advice, and employee-led networks.
• Never Stop Learning: Free access to 4,000+ online courses via Coursera and LinkedIn Learning.
• Tailored Perks: Spend up to £500 annually on flexible benefits such as private healthcare, lifest

Benefits

Additional Information

Job Description: Salary Range: £53,269 - £71,400 Leonardo UK operates a grade-based salary framework with broad bands. The salary range shown reflects the approved grade band for this role, or a narrower hiring range published within that band, and is benchmarked against the external market. Exceptions above the standard range are managed through governance controls to protect internal equity.

Your Match

How well this role fits your profile.

Company Intel

What employees say

Worked at leonardocompany? Share your experience