Social network you want to login/join with:
Cybersecurity (Infrastructure) Engineer, Bristol
col-narrow-left
Client:
Expleo
Location:
Bristol, United Kingdom
Job Category:
Other
-
EU work permit required:
Yes
col-narrow-right
Job Reference:
23cc4f19723b
Job Views:
11
Posted:
12.08.2025
Expiry Date:
26.09.2025
col-wide
Job Description:
Responsibilities
- Deliver and support the implementation of cybersecurity solutions within the Energy and Utilities sector, focusing on infrastructure security and regulatory alignment.
- Perform security assessments and system hardening activities across cloud, on-premises, and hybrid infrastructure, including servers, endpoints, and network layers.
- Support the design, implementation, and validation of security controls at the OT/IT boundary, addressing segmentation, access control, logging, and monitoring.
- Contribute to security architecture and design reviews, providing input to ensure compliance with relevant regulations.
- Assisted in identifying risks and gaps in current security postures and developing actionable remediation plans in collaboration with client stakeholders.
- Support assurance activities by preparing technical documentation, implementation evidence, and audit artefacts.
- Collaborate with multidisciplinary teams, including infrastructure engineers, platform specialists, and client security personnel, to ensure integrated, secure solutions.
- Stay informed on sector-specific threats, vulnerabilities, and defensive techniques relevant to critical infrastructure and industrial environments.
- Operate professionally in regulated environments, maintaining a delivery-focused mindset across varied client contexts and stakeholder groups.
- Contribute to continuously improving internal methodologies, tooling, and knowledge sharing to strengthen Expleo’s Cybersecurity Practice and promote delivery excellence across all engagements.
- Operate effectively in remote and on-site client environments, maintaining professionalism, delivery discipline, and stakeholder trust.
Qualifications
- A degree (or equivalent experience) in Cybersecurity, Information Security, Computer Science, Network Engineering, or a related technical discipline.
- Recognised industry certifications in cybersecurity or infrastructure security (CompTIA, ISACA, ISC2, GIAC, Microsoft, CREST, Cisco Security, or equivalent).
- Certifications in security governance and frameworks: ISO/IEC 27001, NIST CSF, CAF, or CIS Controls.
- Additional vendor or platform-specific certifications (AWS, Azure, Microsoft, GCP, Palo Alto, CrowdStrike, Tenable) are advantageous.
- OT/ICS/SCADA-focused certifications: IEC 62443, GRID/GRID+ (SANS/GIAC), GICSP, or equivalent industrial cybersecurity training are desirable.
- Demonstrable commitment to continuous professional development aligned with emerging technologies, infrastructure security, and evolving cyber threat landscapes.
Essential skills
- Strong understanding of core cybersecurity principles, risk management, and control implementation in critical infrastructure environments.
- Hands-on experience with infrastructure security across cloud, on-premises, and hybrid environments.
- Proven ability to implement and assess security controls at the OT/IT boundary, including segmentation, firewalls, monitoring, and remote access safeguards.
- Familiarity with enterprise security tooling, including vulnerability management platforms, endpoint protection, SIEM, identity and access management, and logging solutions.
- Knowledge of regulatory frameworks and industry standards relevant to the E&U sector.
- Ability to conduct technical risk assessments, identify security gaps, and support the development of remediation and improvement plans.
- Strong analytical and troubleshooting skills, with the ability to work independently and respond effectively in live delivery environments.
- Excellent communication skills, with the ability to clearly explain technical findings to technical and non-technical stakeholders.
- High-quality documentation skills for producing implementation artefacts, assurance evidence, and technical guidance for client use.
- Professionalism, adaptability, and reliability in delivering within regulated, multi-stakeholder client environments.
Desired skills
- Understanding of operational technology (OT) and industrial control systems (ICS), including common architectures, protocols, and associated security challenges.
- Familiarity with security practices in SCADA environments and industrial networks, including secure remote access, DMZ configurations, and asset visibility solutions.
- Experience with regulatory engagement, audits, and providing evidence to demonstrate compliance with frameworks.
- Exposure to IT/OT convergence challenges and experience implementing or advising on segmentation and trust zone strategies.
- Awareness of sector-specific threat actors, attack techniques, and vulnerability trends.
- Ability to contribute to security design and architecture discussions within complex programs and technical environments.
Experience
- Hands-on experience in cybersecurity engineering, infrastructure security, or a related technical role, ideally within regulated or critical infrastructure sectors.
- Demonstrable experience implementing technical controls and supporting system hardening across IT infrastructure, including cloud, on-premises, and hybrid environments.
- Experience contributing to security assurance, compliance, or risk management activities in Energy and Utilities or other regulated domains.
- Proven delivery of security support at the OT/IT boundary, including collaboration with operations, engineering, or control system teams.
- Familiarity with the deployment and operational use of enterprise security tooling, vulnerability management, and identity/access management platforms.
- Track record of working directly with clients or internal stakeholders to identify security risks, support solution implementation, and produce high-quality technical documentation.
- Experience operating in multi-stakeholder environments, balancing priorities across delivery teams, internal cybersecurity functions, and client leadership.
- Experience supporting incident response, resilience testing, or disaster recovery planning in critical infrastructure contexts.
- Experience working in regulated Energy and Utilities environments, particularly in gas, water, or electricity sectors.
What do I need before I apply
- You must have the right to work in the UK.
- A strong foundation in cybersecurity engineering or infrastructure security, with practical delivery experience.
- A proactive and adaptable mindset, with the ability to work independently across diverse client environments. A passion for delivering high-quality, standards-aligned cybersecurity solutions that make a tangible impact.
- Collaborative working environment – we stand shoulder to shoulder with our clients and ourpeers through good times and challenges
- We empower all passionate technology loving professionals by allowing them to expand their skills and take part in inspiring projects
- ExpleoAcademy - enables you to acquire and develop the right skills by delivering a suite of accredited training courses
- Competitive company benefits
- Always working as one team, our people are not afraid to think big and challenge the status quo
- As a Disability Confident Committed Employer we have committed to:
- Ensure our recruitment process is inclusive and accessible
- Communicating and promoting vacancies
- Offering an interview to disabled people who meet the minimum criteria for the job
- Anticipating and providing reasonable adjustments as required
- Supporting any existing employee who acquires a disability or long term health condition, enabling them to stay in work at least one activity that will make a difference for disabled people
“We are an equal opportunities employer and welcome applications from all suitably qualified persons regardless of their race, sex, disability, religion/belief, sexual orientation or age”.
We treat everyone fairly and equitably across the organisation, including providing any additional support and adjustments needed for everyone to thrive