Cybersecurity Assurance Consultant

Join to apply for the Cybersecurity Assurance Consultant role at Expleo Group

Expleo is a trusted partner for end-to-end, integrated engineering, quality services, and management consulting for digital transformation. We help businesses harness technological change to deliver innovations that provide a competitive advantage and improve everyday life worldwide.

As part of the Expleo Digital and Technology (DigiTech) team, you will report to the Head of Cybersecurity and work within our Cybersecurity Practice. In this role, you will provide cybersecurity assurance within a complex marine/defence engineering programme, supporting the development and delivery of cyber-resilient systems.

This is a consultancy role focused on integrating cybersecurity into programme controls, technical assurance, and regulatory compliance. You will work closely with engineering leads, programme managers, and cybersecurity stakeholders to ensure security requirements are appropriately defined, evidenced, and governed in line with defence and maritime standards.

The role offers the opportunity to influence mission-critical projects within the marine and defence domain, applying structured cybersecurity assurance approaches to complex, multidisciplinary environments.

Responsibilities

Lead or support cybersecurity assurance activities in marine and defence projects.

Develop, review, and maintain assurance artefacts like risk assessments, assurance cases, control matrices, and evidence submissions.

Ensure compliance with defence and industry standards, MOD frameworks, and regulations.

Engage with engineering and project teams to embed cybersecurity into system design and governance.

Coordinate with clients, suppliers, and authorities to support assurance lifecycle and stakeholder expectations.

Assist in technical reviews, audits, and risk acceptance activities.

Contribute to threat modelling, risk assessments, and security design evaluations.

Provide expertise on assurance requirements for secure communications, supply chain, and physical security interfaces.

Maintain high-quality documentation to support certification and compliance.

Support internal knowledge sharing and continuous improvement of assurance methodologies.

Qualifications

Degree or equivalent in Cybersecurity, Information Assurance, Systems Engineering, or related field.

Recognised cybersecurity certifications (e.g., CISSP, CISM, ISO 27001 Lead Auditor).

Knowledge of MOD, maritime, or defence frameworks (JSPs, DEFSTAN, NIST, ISO 27001).

SC clearance or eligibility; DV clearance desirable.

Continuous professional development in cybersecurity assurance and defence standards.

Essential Skills

Strong understanding of cybersecurity assurance principles in defence or safety-critical environments.

Experience producing assurance artefacts and documentation.

Familiarity with defence security requirements and standards.

Ability to interpret and apply security requirements across the engineering lifecycle.

Excellent stakeholder engagement and communication skills.

Experience with threat modelling, risk assessments, and technical reviews.

Ability to work independently in complex environments.

Attention to detail in assurance and audit documentation.

Methodical, professional, and delivery-focused approach.

Desired Skills

Knowledge of Defence Digital cybersecurity approaches.

Understanding of secure systems engineering and assurance models.

Experience with product security assurance and safety-security interfaces.

Knowledge of physical and personnel security controls.

Familiarity with engineering tools like DOORS or Enterprise Architect.

Contributions to assurance framework development and tooling standards.

Experience

Proven experience in cybersecurity assurance in defence or safety-critical environments.

Experience in developing assurance documentation and embedding Secure by Design principles.

Involvement in third-party assurance activities and working with MOD standards.

Military or armed forces experience is highly valued.

Understanding of assurance governance and system integration security.

Experience collaborating with multidisciplinary teams and assurance forums.

Strong communication skills for audit and compliance documentation.

Experience within MOD or maritime defence programs, especially platform integration.

Experience with defence supply chains and collaborative assurance.

Pre-requisites

Right to work in the UK.

At least 8 years of practical cybersecurity engineering or infrastructure security experience.

Proactive, adaptable, and capable of working independently.

Current or eligible for SC clearance.

Benefits

Collaborative environment with clients and peers.

Opportunities for skills development and inspiring projects.

Access to ExpleoAcademy training courses.

Competitive benefits package.

Inclusive, supportive workplace promoting diversity and adjustments for disabilities.

We are an equal opportunities employer and welcome applications from all qualified persons regardless of race, sex, disability, religion, sexual orientation, or age. We are committed to fairness and providing support for all employees.

#J-18808-Ljbffr