Responsibilities
Deliver and support the implementation of cybersecurity solutions across a wide range of client environments, ensuring alignment with industry standards and regulatory requirements. Perform system and infrastructure hardening activities, including configuration reviews, security baseline application, and policy enforcement across cloud, on-premises, and hybrid environments. Conduct technical control assessments, gap analysis, and remediation planning to address vulnerabilities, misconfigurations, and non-compliance issues. Support the deployment of technical controls such as endpoint protection, access management, network segmentation, logging and monitoring solutions, and encryption mechanisms. Collaborate with client stakeholders and internal teams to provide actionable guidance and implementation support tailored to specific business and regulatory contexts. Contribute to security design reviews and technical workshops, offering practical insights to improve client security posture and delivery assurance. Provide clear and concise technical documentation, including implementation guides, remediation reports, and configuration artefacts to support assurance and audit requirements. Stay current with emerging cybersecurity threats, vulnerabilities, tools, and mitigation techniques to ensure that all recommendations and implementations reflect current best practices. Provide technical expertise, solution context, and risk-based insights to support the sales and pre-engagement process and help shape the delivery scope and approach. Contribute to continuously improving internal methodologies, tooling, and knowledge sharing to strengthen Expleo’s Cybersecurity Practice and promote delivery excellence across all engagements. Operate effectively in remote and on-site client environments, maintaining professionalism, delivery discipline, and stakeholder trust.
Qualifications
A degree (or equivalent experience) in Cybersecurity, Information Security, Computer Science, Network Engineering, or a related technical discipline. Recognised industry certifications in cybersecurity or infrastructure security (CompTIA, ISACA, ISC2, GIAC, Microsoft, CREST, Cisco Security, or equivalent). Certifications in security governance and frameworks: ISO/IEC 27001, IEC 62443, NIST CSF, CAF, or CIS Controls. Additional vendor or platform-specific certifications (AWS, Azure, Microsoft, GCP, Palo Alto, CrowdStrike, Tenable) are advantageous. Demonstrable commitment to continuous professional development aligned with emerging technologies, infrastructure security, and evolving cyber threat landscapes.
Essential skills
Strong understanding of core cybersecurity principles, including confidentiality, integrity, availability, and risk management. Practical experience implementing security controls across IT/OT infrastructure. Proficiency in system hardening techniques. Ability to conduct technical risk assessments, identify control gaps, and propose actionable remediation plans. Familiarity with enterprise security tools and platforms. Strong troubleshooting and problem-solving skills with the ability to work independently across varied environments and technologies. Excellent communication skills, with the ability to clearly explain technical risks and solutions to technical and non-technical stakeholders. Strong documentation skills, including creating implementation guides, reports, and evidence to support audit and assurance processes. Ability to work effectively in fast-paced, multi-client environments, maintaining professionalism, flexibility, and a delivery mindset.
Desired skills
Familiarity with UK regulatory frameworks (NIS/NIS2, Ofgem CAF, ECAF, GDPR/DPA18, ISO 27001, or Cyber Essentials Plus). Understanding secure architecture principles, including zero trust, defence-in-depth, and secure-by-design approaches. Exposure to DevSecOps practices, security tooling integration into CI/CD pipelines, and secure development lifecycle support. Knowledge of OT/ICS environments and their associated security considerations. Awareness of threat intelligence, attack vectors, and emerging vulnerabilities across enterprise IT ecosystems. Ability to contribute to client workshops, security design reviews, and collaborative problem-solving sessions.
Experience
Proven experience in a hands-on cybersecurity engineering or infrastructure security role, ideally within a consultancy, systems integrator, or multi-client environment. Experience delivering technical cybersecurity controls, system hardening, and infrastructure remediation within complex IT environments. Track record of operating effectively across multiple sectors or projects, adapting to new client requirements, technology stacks, and regulatory contexts. Experience working directly with client stakeholders to gather technical requirements, explain security considerations, and support implementation activities. Demonstrated ability to manage technical tasks independently, prioritise work, and deliver outcomes in line with project timelines and expectations. Exposure to enterprise IT environments, cloud platforms, and standard security tools, with evidence of practical application in real-world delivery contexts. Experience producing supporting documentation such as implementation guides, security configuration records, remediation reports, and audit artefacts. Experience working across multiple industry sectors, including regulated environments. Experience supporting technical delivery within hybrid cloud environments and/or virtualised infrastructure.
What do I need before I apply
You must have the right to work in the UK. A strong foundation in cybersecurity engineering or infrastructure security, with practical delivery experience. A proactive and adaptable mindset, with the ability to work independently across diverse client environments. A passion for delivering high-quality, standards-aligned cybersecurity solutions that make a tangible impact.
Benefits
Collaborative working environment – we stand shoulder to shoulder with our clients and our peers through good times and challenges We empower all passionate technology loving professionals by allowing them to expand their skills and take part in inspiring projects Expleo Academy - enables you to acquire and develop the right skills by delivering a suite of accredited training courses Competitive company benefits Always working as one team, our people are not afraid to think big and challenge the status quo As a Disability Confident Committed Employer we have committed to: Ensure our recruitment process is inclusive and accessible Communicating and promoting vacancies Offering an interview to disabled people who meet the minimum criteria for the job Anticipating and providing reasonable adjustments as required Supporting any existing employee who acquires a disability or long term health condition, enabling them to stay in work at least one activity that will make a difference for disabled people
“We are an equal opportunities employer and welcome applications from all suitably qualified persons regardless of their race, sex, disability, religion/belief, sexual orientation or age”.
We treat everyone fairly and equitably across the organisation, including providing any additional support and adjustments needed for everyone to thrive
