Cybersecurity Assurance Consultant

Bristol
3 weeks ago
Create job alert

Overview

Expleo is a trusted partner for end-to-end, integrated engineering, quality services, and management consulting for digital transformation. We help businesses harness unrelenting technological change to deliver innovations that provide a competitive advantage and improve everyday life worldwide.

As part of the Expleo Digital and Technology (DigiTech) team, you will report to the Head of Cybersecurity and work within our specialist Cybersecurity Practice. In this role, you will provide cybersecurity assurance within a complex marine/defence engineering programme, supporting the development and delivery of cyber-resilient systems.
This is a consultancy role focused on integrating cybersecurity into programme controls, technical assurance, and regulatory compliance. You will work closely with engineering leads, programme managers, and cybersecurity stakeholders to ensure that security requirements are appropriately defined, evidenced, and governed in alignment with relevant defence and maritime standards.

Responsibilities

Lead or support integrating cybersecurity assurance activities into engineering and programme delivery for marine and defence projects.
Develop, review, and maintain cybersecurity assurance artefacts, including risk assessments, assurance cases, control matrices, and evidence submissions.
Ensure alignment with applicable defence and industry standards and other MOD-aligned frameworks.
Engage with engineering and project teams to ensure cybersecurity is embedded into system design, technical planning, and programme governance.
Liaise with client representatives, suppliers, and accreditation authorities to support the assurance lifecycle and manage stakeholder expectations.
Support the preparation for and participation in technical reviews, audits, and risk acceptance activities.
Contribute to delivering security risk management processes, threat modelling sessions, and security design assessments.
Provide subject matter expertise on assurance requirements for secure communications, supply chain security, platform integration, and physical security interfaces.

Qualifications

A degree (or equivalent experience) in Cybersecurity, Information Assurance, Systems Engineering, or a related technical or defence-focused discipline.
Recognised cybersecurity certifications: CompTIA, CISSP, CISM, CRISC, ISO 27001 Lead Auditor/Implementer, or equivalent.
Familiarity with MOD, maritime, or defence-specific frameworks: JSPs, DEFSTAN, NIST, IEC 62443, IMO or ISO/IEC 27001.
SC clearance (or eligibility to obtain SC as a minimum) is required; DV clearance is desirable depending on the programme needs.Essential skills

Strong understanding of cybersecurity assurance principles, risk management, and regulatory compliance in defence or safety-critical environments.
Proven ability to produce and review assurance artefacts, including security management plans, risk registers, assurance cases, and audit-ready documentation.
Familiarity with MOD, defence, and marine security requirements, controls, and platform-specific standards.
Experience applying assurance frameworks or relevant equivalents in a programme or system engineering context.
Ability to interpret and apply security requirements across the engineering lifecycle, ensuring traceability and alignment with delivery controls.
Capable of contributing to threat modelling, risk assessments, and technical reviews with clear, structured input.
Confident working independently in complex, multi-stakeholder environments while managing priorities and deadlines effectively.

Desired skills

Familiarity with the Defence Digital approach to cybersecurity and assurance, including engagement with Accreditor and Authority roles.
Understanding secure systems engineering and its integration into the Systems Engineering V-Model or through-life engineering assurance models.
Exposure to product security assurance, safety-security interface assessments, or combined safety and security case development.
Knowledge of physical and personnel security controls in the context of platform or facility assurance.
Familiarity with engineering toolsets such as DOORS, Enterprise Architect, or security-specific tooling used in requirement traceability.

Experience

Proven experience in cybersecurity assurance, information assurance, or risk management, including delivery within defence, marine, or other safety-critical environments.
Proven track record in developing and maintaining assurance documentation.
Experience embedding Secure by Design principles across the engineering lifecycle, ensuring traceability of security requirements into system design and delivery.
Prior military service or experience working with the armed forces is highly valued, particularly in communications, security, or operational assurance roles.
Strong understanding of assurance governance and the role of cybersecurity in system integration, communications, or platform delivery contexts.
Experience collaborating with multi-disciplinary teams, including engineering, programme management, safety, and technical authorities.
Prior involvement in stakeholder assurance forums, technical reviews, or risk acceptance discussions within regulated environments.

What do I need before I apply

You must have the right to work in the UK

Related Jobs

View all jobs

(Urgent Search) Cyber Security Consultant ...

▷ Immediate Start: Cyber Security Consultant ...

Cyber & Data Security Risk Consultant

OT Cyber Security Consultant

Associate Information & Cyber Security Consultant

Associate Information & Cyber Security Consultant

Get the latest insights and jobs direct. Sign up for our newsletter.

By subscribing you agree to our privacy policy and terms of service.

Industry Insights

Discover insightful articles, industry insights, expert tips, and curated resources.

Quantum-Enhanced AI in Cyber Security: Guarding the Digital Frontier

The cyber security landscape has evolved dramatically over the past decade. Long gone are the days when businesses primarily worried about simplistic phishing or basic website defacements. Today’s threats include nation-state attacks, sophisticated ransomware, AI-generated phishing campaigns, and a wide array of stealthy intrusion methods. Organisations must defend vast digital ecosystems that include cloud infrastructure, IoT devices, and critical operational technology—any of which can become high-value targets for malicious actors. Amid these escalating challenges, a new technological wave is emerging: quantum computing. Although still in its infancy, quantum computing promises capabilities that could surpass even the most advanced classical supercomputers for specific tasks. Simultaneously, in the world of Artificial Intelligence (AI)—where data volumes and model complexity are exploding—quantum’s parallelism could significantly boost analysis, training, and decision-making. What unfolds when quantum computing and AI converge in the realm of cyber security? On one hand, quantum technologies could introduce stronger encryption and faster threat detection. On the other, adversaries armed with quantum power might break today’s cryptographic protocols or develop more potent attacks at unimaginable speeds. This article explores the phenomenon of quantum-enhanced AI for cyber security: the possibilities it unlocks, the challenges it poses, and the reasons it could reshape both defensive and offensive operations in the digital world.

Cyber Security Jobs at Newly Funded UK Start-ups: Q3 2025 Investment Tracker

Cyber security is no longer just a topic for tech-savvy professionals—it’s an essential pillar of every modern organisation. From protecting sensitive customer data to thwarting state-sponsored attacks, cyber security teams play a crucial role in safeguarding digital infrastructures across all sectors. In the UK, cyber security innovation is thriving, fuelled by a fertile mix of venture capital, government backing, and an ever-growing pool of talented specialists. Now, in the third quarter of 2025, we’ve seen a fresh influx of funding for cyber security start-ups that are poised to shape the industry’s future. This Q3 2025 Investment Tracker highlights newly funded UK-based cyber security start-ups, their core offerings, and—most importantly—the wide range of job opportunities they’re creating. Whether you’re a veteran security analyst, a pen tester, or a newcomer eager to explore the defensive side of tech, these start-ups are actively seeking professionals to help drive their next phase of growth. We’ll also guide you through the essential skills in demand, strategies to secure a role, and how to leverage CyberSecurityJobs.tech to fast-track your job search.

Portfolio Projects That Get You Hired for Cyber Security Jobs (With Real GitHub Examples)

With rising cyber threats and increasingly sophisticated attacks, cyber security has become a critical priority for organisations worldwide. From penetration testers (pentesters) and SOC analysts to cloud security engineers and threat intelligence specialists, the demand for skilled cyber security professionals continues to surge. But how do you stand out in a growing field? Alongside your CV, an impressive cyber security portfolio can be the distinguishing factor that convinces employers you’re the right fit. In this comprehensive guide, you’ll discover: Why a cyber security portfolio is essential for job seekers in this domain. How to align portfolio projects with different cyber security career paths. Real GitHub examples that demonstrate best practices in security-focused projects. Actionable project ideas you can start today, from penetration testing labs to blue-team detection pipelines. Best practices for organising your repos and presenting your work so hiring managers can instantly see your impact. When you’re ready to pursue your next opportunity, remember to upload your CV on CyberSecurityJobs.tech. Our specialised platform connects talented security professionals with employers who need your expertise—exactly what your portfolio will showcase.