Cybersecurity (Infrastructure) Engineer
Hybrid
London, United Kingdom
Full Time
25-04-2025
Job Specifications
Expleo is a trusted partner for end-to-end, integrated engineering, quality services, and management consulting for digital transformation. We help businesses harness unrelenting technological change to deliver innovations that provide a competitive advantage and improve everyday life worldwide.
As part of the Expleo Digital and Emerging Technology (DET) team, you will report to the Head of Cybersecurity and play an integral role in our growing Cybersecurity Practice. You will support the delivery of cybersecurity solutions across the Energy and Utilities sector, working with clients to protect critical infrastructure and improve their security posture in line with industry and regulatory expectations.
This delivery-focused role centres on infrastructure security, OT/IT boundary protection, and implementation of technical controls across regulated environments. You will contribute to assurance activities, support security design reviews, and assist in deploying cybersecurity measures that enable compliance and operational resilience.
The role provides the opportunity to work on complex infrastructure challenges, supporting the protection of nationally significant services through practical, standards-aligned cybersecurity delivery.
Responsibilities
Deliver and support the implementation of cybersecurity solutions within the Energy and Utilities sector, focusing on infrastructure security and regulatory alignment.
Perform security assessments and system hardening activities across cloud, on-premises, and hybrid infrastructure, including servers, endpoints, and network layers.
Support the design, implementation, and validation of security controls at the OT/IT boundary, addressing segmentation, access control, logging, and monitoring.
Contribute to security architecture and design reviews, providing input to ensure compliance with relevant regulations.
Assisted in identifying risks and gaps in current security postures and developing actionable remediation plans in collaboration with client stakeholders.
Support assurance activities by preparing technical documentation, implementation evidence, and audit artefacts.
Collaborate with multidisciplinary teams, including infrastructure engineers, platform specialists, and client security personnel, to ensure integrated, secure solutions.
Stay informed on sector-specific threats, vulnerabilities, and defensive techniques relevant to critical infrastructure and industrial environments.
Operate professionally in regulated environments, maintaining a delivery-focused mindset across varied client contexts and stakeholder groups.
Contribute to continuously improving internal methodologies, tooling, and knowledge sharing to strengthen Expleo’s Cybersecurity Practice and promote delivery excellence across all engagements.
Operate effectively in remote and on-site client environments, maintaining professionalism, delivery discipline, and stakeholder trust.
Qualifications
A degree (or equivalent experience) in Cybersecurity, Information Security, Computer Science, Network Engineering, or a related technical discipline.
Recognised industry certifications in cybersecurity or infrastructure security (CompTIA, ISACA, ISC2, GIAC, Microsoft, CREST, Cisco Security, or equivalent).
Certifications in security governance and frameworks: ISO/IEC 27001, NIST CSF, CAF, or CIS Controls.
Additional vendor or platform-specific certifications (AWS, Azure, Microsoft, GCP, Palo Alto, CrowdStrike, Tenable) are advantageous.
OT/ICS/SCADA-focused certifications: IEC 62443, GRID/GRID+ (SANS/GIAC), GICSP, or equivalent industrial cybersecurity training are desirable.
Demonstrable commitment to continuous professional development aligned with emerging technologies, infrastructure security, and evolving cyber threat landscapes.
Essential Skills
Strong understanding of core cybersecurity principles, risk management, and control implementation in critical infrastructure environments.
Hands-on experience with infrastructure security across cloud, on-premises, and hybrid environments.
Proven ability to implement and assess security controls at the OT/IT boundary, including segmentation, firewalls, monitoring, and remote access safeguards.
Familiarity with enterprise security tooling, including vulnerability management platforms, endpoint protection, SIEM, identity and access management, and logging solutions.
Knowledge of regulatory frameworks and industry standards relevant to the E&U sector.
Ability to conduct technical risk assessments, identify security gaps, and support the development of remediation and improvement plans.
Strong analytical and troubleshooting skills, with the ability to work independently and respond effectively in live delivery environments.
Excellent communication skills, with the ability to clearly explain technical findings to technical and non-technical stakeholders.
High-quality documentation skills for producing implementation artefacts, assurance evidence, and technical guidance for client use.
Professionalism, adaptability, and reliability in delivering within regulated, multi-stakeholder client environments.
Desired Skills
Understanding of operational technology (OT) and industrial control systems (ICS), including common architectures, protocols, and associated security challenges.
Familiarity with security practices in SCADA environments and industrial networks, including secure remote access, DMZ configurations, and asset visibility solutions.
Experience with regulatory engagement, audits, and providing evidence to demonstrate compliance with frameworks.
Exposure to IT/OT convergence challenges and experience implementing or advising on segmentation and trust zone strategies.
Awareness of sector-specific threat actors, attack techniques, and vulnerability trends.
Ability to contribute to security design and architecture discussions within complex programs and technical environments.
Experience
Hands-on experience in cybersecurity engineering, infrastructure security, or a related technical role, ideally within regulated or critical infrastructure sectors.
Demonstrable experience implementing technical controls and supporting system hardening across IT infrastructure, including cloud, on-premises, and hybrid environments.
Experience contributing to security assurance, compliance, or risk management activities in Energy and Utilities or other regulated domains.
Proven delivery of security support at the OT/IT boundary, including collaboration with operations, engineering, or control system teams.
Familiarity with the deployment and operational use of enterprise security tooling, vulnerability management, and identity/access management platforms.
Track record of working directly with clients or internal stakeholders to identify security risks, support solution implementation, and produce high-quality technical documentation.
Experience operating in multi-stakeholder environments, balancing priorities across delivery ...
About the Company
Expleo is a global engineering, technology and consulting service provider that partners with leading organisations to guide them through their business transformation, helping them achieve operational excellence and future-proof their businesses. Expleo benefits from more than 50 years of experience developing complex products, optimising manufacturing processes, and ensuring the quality of information systems. Leveraging its deep sector knowledge and wide-ranging expertise in fields including AI engineering, digitalis... Know more
Related Jobs
- Company Name
- Double Eleven
- Job Title
- Senior Network Programmer
- Job Description
- We're looking for a Senior Network Programmer to join our award winning team in Middlesbrough (UK), home to the beautiful North Yorkshire coastline and countryside. As a Senior Network Programmer at Double Eleven, you'll play a major part in shaping how players experience our games. By building new features, optimising network performance and creating core mechanics, you'll ensure that we continue to create best selling games. Working with structure, you'll have the creative freedom to work in white space. In this role, you'll be the guiding force behind our talented team of developers, helping them grow, succeed, and deliver high-quality code. You'll work closely with diverse teams across various disciplines, combining your expertise with that of designers, artists, and developers to transform innovative concepts into immersive, interactive experiences that captivate and engage players. As a global gaming company, we've enabled millions to conquer Minecraft Dungeons, battle in Rust Console Edition and create new adventures in Fallout 76. Recently, we collaborated with Rockstar Games to bring Red Dead Redemption to the Nintendo Switch and PlayStation 4 as well as partnered with Obsidian Entertainment on Grounded: Fully Yoked Edition for Nintendo Switch and PlayStation 4 and 5. Double Eleven is a place where our people come first. Our 400-person team proudly represents over 30 nationalities. We strive to avoid crunch, we offer flexible working hours to allow you to truly enjoy work/life balance whilst making great games and any overtime is always planned, optional and paid. We can support UK relocation and have both a dedicated People and Operation teams on standby to assist you. On this occasion, we're unable to sponsor a visa for this role. What You'll Be Doing Work with every discipline to make sure our games perform great online and offline Define and develop robust networking code that leads the field Delight players with fantastic online performance Work with the lead programmer on creating the best architecture following best practices at an industry standard Collaborate with the QA Department to identify causes for any problems and possibly apply fixes Help develop highly efficient code for various projects Managing and mentoring team members around direction, knowledge and applied practice Implement industry standard security measures Implement industry standard multiplayer features on current gen/next gen architecture Come up with new exciting ways of approaching problems What We're Looking For Significant experience developing in C++ Great team working and communication skills Experience of developing and shipping a game which has online components Knowledge of low-level network APIs Knowledge of TCP/UDP Sockets, WebSockets, WebRTC and Concurrency Knowledge of various secure encryption techniques i.e: Open SSL Experience of the platform specific services and APIs on Xbox Live, PSN and Switch Knowledge and implementation of anti-cheat techniques Solid foundation of mathematics Computer Science degree Knowledge of Unreal Engine Qualifications All relevant qualifications considered What To Expect Working life at Double Eleven Start your day any time between 8:00am and 10:00am 35 working hours per week with a 1 hour lunch break (with the opportunity to flex down to 30 minutes or up to 2 hours) Opportunity to apply for hybrid working (up to 2 days working from home per week) 28 days annual leave (20 days annual leave + 8 days bank holiday) 1 day leave for your birthday and 1 day leave if you're moving house Up to 10 days discretionary annual leave during our end of year break Potential for annual performance bonus 5 additional days annual leave for 5 years service and a further 5 days annual leave for your 10 years service milestone A brand new, state-of-the-art studio facilities that includes a market hall serving nutritious, subsidised meals, round-the-clock gym access, an auditorium and more Free breakfast options, juice, hot drinks and fruit Employee referral bonus (up to £2000!) Electric Car Scheme Cycle to Work scheme Free game codes, game swag and merchandise Family-friendly leave available Christmas Saving Scheme Free parking Best-in-class tools and workflows so you can focus on creativity Professional development and wellbeing Vitality Private Healthcare, discounts and rewards for you, your spouse and children (upon the successful completion of your 6 month probationary period) Access to mental health and wellbeing support via Plumm (includes 4 free video therapy sessions per month for both the employee and up to 3 family members aged 18+), unlimited text therapy, courses, meditations A personalised development plan with dedicated support tailored to your growth and goals Access to an accredited Academy providing professional qualifications (and access to 500 UK discounts and offers via TOTUM when registered as a student) A dedicated Workplace Experience team responsible for work environments, workplace and quality of employee life services to help foster collaboration, creativity and innovation In-studio wellbeing programmes and People team support Team life Free activities via our Bus Tours programme (where on occasion, partners and children are welcome to join you) Many team events to celebrate team and game milestones Sponsored team activities including football, basketball, book club, movie club and more Opportunity to contribute to our internal Employee Diversity and Equality Network Ways to reach us If you have a general query or if you need support with your application and/or an alternative way to apply, please do not hesitate to contact our Talent team at jobs@double11.com
- Company Name
- CENSUS
- Job Title
- Technical Project Manager - Embedded Systems Security (UK Nationals Only)
- Job Description
- About CENSUS CENSUS is an internationally acclaimed Cybersecurity services provider. We support the needs of multiple industries, providing IT and OT security services to public and private organizations around the world, ranging from financial institutions and critical infrastructure to automotive and secure communications, including Fortune 500 companies. Powered by cutting-edge research, scientific analysis and in-depth engineering experience across various industries & technologies, CENSUS delivers unparalleled security consulting & assessment services for products (software, services, devices, and large-scale platforms), infrastructure, and organizations. Learn more about CENSUS at census-labs.com. About The Job / Key Responsibilities CENSUS’ bespoke cybersecurity services are built upon a talented pool of Security Engineers, whose role extends beyond mere adherence to industry best practices. Our Technical Project Managers play a pivotal role in formulating and executing service delivery strategies that align with the rigorous quality standards set by CENSUS. Drawing from their robust technical background and leveraging their project & stakeholder management skills, TPMs serve as the primary facilitators empowering our clients to effectively maximize the potential of our security and advisory teams. Skills We are looking for talented & ambitious professionals to grow our Product Security Professional Services team and join our ongoing mission to deliver in-depth and top-tier cybersecurity services to our valued clients. As part of this role, you will use your technical background - in the Embedded Systems Security domain – along with your Project Management skills to enable a successful service delivery to our clients. You will work side-by-side with our clients’ development and security teams & partners, under engagements / projects that involve: Working with our clients to understand their requirements and scope, size, plan the corresponding technical activities to efficiently meet those (consulting, assessments, audits, evaluations, security architecture development, etc.). Receiving high-level task & product descriptions and decomposing them to smaller & well-defined technical activities, which are then assigned to the corresponding security engineering & consulting teams. Leading project’s technical team within the scope of the engagement. Documenting and presenting product security risks in both technical and business-oriented language. Conducting technical QA and presenting to both technical and business audiences, the technical team deliverables (findings, technical reports, observations, improvement recommendations, operational methodologies, etc.) Building and developing relationships with cross-client teams and partners. Owning & driving the continuous improvement of the technical quality of the project team deliverables. Ensuring client satisfaction and business growth by communicating lessons learned and key success factors to the business development team. Minimum Qualifications MSc or BSc in Electrical Engineering, Computer Science, Computer Engineering, Electronics Engineering, or equivalent practical experience. 4+ years of experience in embedded, general- or special-purpose computer system-level software or firmware security. Experience can be an engineering / development position (e.g., consumer or enterprise), an assessment / consultancy role, an equivalent role in other engineering organizations, or a combination of them. 2+ years of experience in technical project management in a role related to product or information security. Key Skills & Preferred Qualifications Experience with Embedded Systems, Linux, or Real Time Operating systems security concepts. Experience with reviewing system security architecture & engaged technologies. Experience with ARM architectures & platforms. Experience with C, C++, Rust, or Assembly (ARM) programming languages in the context of system software (bootloaders, drivers, kernel, system services, etc.). Experience with secure boot, firmware & software integrity, OTA updates, and hardware-backed device attestation technologies. Experience with cryptographic primitives and cryptographic best practices in the context of system security (inline crypto engines, storage encryption, attestation, HW key rooting, derivation, wrapping/unwrapping, etc.). Familiarity with identifying and reporting security vulnerabilities on system software (memory corruption, side-channel attacks, business logic, etc.). Familiarity with product security assessments and S-SDLC processes. Experience with managing technical teams. Experience with translating complex technical concepts into relevant messages suitable for various audiences (engineering and different tiers of management). Experience with stakeholder management for security engineering deliverables. Experience working with international teams located in other regions and time zones worldwide. Excellent leadership, ownership, problem solving skills, and willingness to learn/grow. Proficient in English and excellent communication skills. Traveling may be required
- Company Name
- NVIDIA
- Job Title
- Senior Silicon Security Architect
- Job Description
- NVIDIA has been transforming computer graphics, PC gaming, and accelerated computing for more than 25 years. It's an outstanding legacy of innovation that's fueled by great technology—and outstanding people. Today, we’re tapping into the unlimited potential of AI to define the next era of computing. An era in which our GPU acts as the brains of computers, robots, and self-driving cars that can understand the world. Doing what’s never been done before takes vision, innovation, and the world’s best talent. As an NVIDIAN, you’ll be immersed in a diverse, encouraging environment where everyone is motivated to do their best work. Come join the team and see how you can make a lasting impact on the world. NVIDIA is seeking a network security research architect who is interested in a chance to define, research, and implement next-generation security features for data centers’ networks. The position will take on a lead role, working with teams with varied strengths across NVIDIA and with external partners to research security requirements for networking products. What You'll Be Doing Lead, research, design, develop, and implement solutions for attestation and confidential compute in network devices. Apply innovative security primitives using attestation capabilities. Collaborate across external and internal teams and with customers. Define next generation architecture following standards bodies and developing proof-of-concepts for attestation and confidential compute. What We Need To See MSc or PhD in Electrical Engineering, Computer Science, or Computer Engineering or equivalent experience. At least 5 years of experience. Background in security-by-design Background in attestation protocols such as DICE, SPDM, TPM, CoRIM Programming and debugging fundamentals across languages such as Python, and C/C++. Strong communication skills and a genuine passion for working together as a team are vital. Ways To Stand Out From The Crowd Proven security research experience and publications in top security conferences. Background in confidential compute and trusted execution environments solutions such as ARM CCA and PCIe TDISP Experience with high-scale deployment challenges and threat modeling Architectural background and hardware-software codesign. JR1996461
- Company Name
- Saab UK
- Job Title
- Cyber Security Lead
- Job Description
- Introduction: Saab UK is part of Scandinavia's largest defence company, bringing together the best of Swedish and British innovation. Saab offers world-leading solutions and services in defence, aviation, space, and civil security to keep people and society safe. Our UK presence has been growing at pace, meaning we can offer a wide range of opportunities for personal fulfilment and career growth. We currently employ over 500 people across eight sites in the UK, and our specialisations include software engineering, underwater robotics, radars, AI, and armed forces training. As part of the global entity Saab AB, Saab UK combines the innovative spirit of a start-up with the resources and expertise of a larger corporation. Globally, Saab employs over 22,000 people, with operations on every continent. Our partnerships with UK customers and industry mean we are able to deliver innovative solutions to complex challenges, anticipating the threats of tomorrow. We invest 23% of our annual revenue into research and development, collaborating with a range of partners including industry and academia. Saab is a company that offers our employees plenty of opportunities for growth and advancement. We embrace diversity and are committed to providing a workplace where individuals can thrive professionally, paving the way for future progression. We also recognise the need for a healthy work-life balance to ensure our staff have the chance to live a fulfilling life beyond the workplace. The Role: The Cyber Security Lead will lead the deployment and management of Cyber Security activities across the UK Saab operations in close co-operation with the business units, group security and the group IT operations in Sweden. The role will ensure compliance of UK operations to customer and group security standards. The role will work closely with UK Security and Group IT and Security teams to assist with compliance against CyberEssentials plus, ISO 27001 compliance and UK customer security requirements Responsibilities: Safeguards Saab UK networks and information system by identifying and solving potential and actual security problems. Protects systems by implementing and managing access privileges, control structures, and resources. Recognises problems by identifying abnormalities; reporting violations. Reporting on emerging threats together with the Group IT Security function Implements security improvements by assessing current situation; evaluating trends; anticipating requirements. Determines IT process violations and inefficiencies by conducting periodic audits. Upgrades system by implementing and maintaining security controls. Keeps users informed by preparing performance reports; communicating system status. Maintains quality service by following Saab Group IT standards. Maintains technical knowledge by attending educational workshops; reviewing publications. Systems accreditation for internal and external teams Leading IT Security Incident response process Required Skills: System administration Network security Problem solving Information security policies On-call network troubleshooting Firewall administration Network protocols Routers, hubs, and switches Collaboration and communication Process improvement Knowledge of systems accreditation for internal and external teams Experience and Qualifications: Bachelor's degree in Computer Science, Information Systems, or equivalent education or work experience 4+ years of prior relevant experience Advanced certifications in Security Standards Advanced understanding of TCP/IP, common networking ports and protocols, traffic flow, system administration, OSI model, defence-in-depth and common security elements. Hands-on experience analysing high volumes of logs, network data (e.g. Netflow, FPC), and other attack artifacts in support of incident investigations Experience with vulnerability scanning solutions In-depth knowledge of architecture, engineering, and operations of at least one enterprise SIEM platform (e.g. Sentinel, Nitro/McAfee Enterprise Security Manager, ArcSight, QRadar, LogLogic, Splunk) Understanding of mobile technology and OS (i.e. Android, iOS, Windows), Experienced in Cloud Security principles As a National Security Vetting clearance is required for this role, applicants will be required to hold National Security Vetting clearance to SC level or have the ability to gain it. By submitting an application to Saab UK you consent to undertaking workforce screening activities that may include but are not limited to: Baseline Personnel Security checks, National Security Vetting, reference checks, verification of working rights and in all circumstances preferred candidates will be placed through a security interview.