Cyber Delivery Lead

Overview

Expleo is a trusted partner for end‑to‑end, integrated engineering, quality services, and management consulting for digital transformation. We support organisations in harnessing technological change to deliver innovation, improve resilience, and operate securely within regulated and operationally critical environments.

As part of the Expleo UK Cybersecurity Practice, you will support clients in the delivery of complex cyber and security portfolios aligned to regulatory frameworks, critical national infrastructure expectations, and long‑term investment programmes. The role provides senior technical leadership and delivery assurance across cyber and security initiatives, acting as a trusted advisor and technical authority to client leadership teams.

You will ensure cyber initiatives are securely designed, effectively mobilised, appropriately governed, and delivered in line with organisational risk appetite, regulatory obligations, and operational priorities. This is a senior, client‑facing consulting role requiring autonomy, strong technical credibility, clear communication, and the ability to provide concise, decision‑ready advice to senior stakeholders.

 

Responsibilities

• Provide senior technical leadership and delivery assurance across client cyber and security portfolios.
• Act as the technical authority and delivery lead for agreed cyber initiatives.
• Ensure cyber programmes and projects are securely designed, mobilised, governed, and delivered in line with client risk appetite and regulatory expectations.
• Support large‑scale cyber investment programmes by providing technical direction across design, build, delivery, and transition into business‑as‑usual operations.
• Lead and coordinate CAF and eCAF readiness activities across cyber portfolios.
• Interpret and map CAF/eCAF control requirements, define remediation actions, and establish evidence‑led assurance approaches.
• Develop a clear technical view of target state, control gaps, remediation priorities, and assurance expectations.
• Provide technical input into cyber roadmaps, including sequencing, high‑risk dependencies, critical milestones, and delivery priorities.
• Work in partnership with project, programme, and transformation teams to shape delivery sequencing and manage dependencies.
• Ensure cyber initiatives align with governance, risk, compliance, and regulatory obligations.
• Embed required security controls into solution design, delivery activity, and operational handover.
• Provide technical oversight of suppliers and third parties delivering cyber capabilities.
• Support supplier mobilisation, validate deliverables, and confirm acceptance criteria and assurance obligations.
• Act as a senior technical coordination point across architecture, operations, transformation, and business stakeholders.
• Align technical priorities, manage trade‑offs, and escalate design, delivery, or assurance decisions as required.
• Provide portfolio‑level insight into cyber risks, dependencies, and constraints, highlighting resilience and regulatory impacts.
• Support senior decision‑making through clear, concise advice on cyber priorities, delivery risk, and investment trade‑offs.
• Support structured transition of cyber capabilities into operational teams, ensuring ownership, support models, and processes are clearly defined.
• Contribute to effective change management and adoption across technology, process, and people.
• Maintain appropriate documentation and evidence‑based assurance mechanisms across cyber portfolios.
• Operate independently as a subject matter expert, determining delivery approach, stakeholder engagement, and cadence required to achieve outcomes.

 

Qualifications

• Relevant education or industry‑recognised certifications in cybersecurity, information security, technology delivery, risk management, or programme delivery.
• Suitable qualifications may include BSc, MSc, CISSP, CISM, CRISC, CISA, ISO 27001 Lead Implementer/Auditor, NCSC CAF experience, Security+, CySA+, PRINCE2, MSP, Agile, or equivalent professional experience.
• Experience working in regulated, operationally critical, or critical national infrastructure environments is highly beneficial.

 

Essential skills

• Strong experience leading or assuring cyber delivery across complex portfolios or transformation programmes.
• Strong understanding of cyber governance, risk, compliance, and assurance in regulated environments.
• Practical knowledge of CAF and/or eCAF readiness, control interpretation, evidence management, and remediation planning.
• Ability to provide technical leadership from mobilisation through to transition into BAU.
• Ability to define and validate cyber scope, priorities, dependencies, risks, and control expectations.
• Strong understanding of security architecture, technical assurance, and control implementation.
• Ability to translate regulatory and risk requirements into practical delivery actions and measurable outcomes.
• Experience contributing to cyber roadmaps, delivery plans, milestone sequencing, and portfolio‑level decision‑making.
• Strong supplier and third‑party oversight capability.
• Strong stakeholder management skills, including influencing senior stakeholders and managing trade‑offs.
• Ability to produce high‑quality written outputs, assurance material, executive briefings, and decision papers.
• Strong delivery discipline and ability to operate with minimal supervision.
• Experience supporting sustainable transition into BAU, including ownership, support models, and operational readiness.

 

Desired skills

• Experience supporting large‑scale regulated investment programmes or resilience initiatives.
• Experience operating as a senior technical partner to CIOs, Heads of Cyber, or IT Transformation leadership.
• Experience developing cyber portfolio views, assurance dashboards, or executive‑level reporting.
• Experience supporting cyber capability development or strategic security platform implementation.
• Experience embedding evidence‑led assurance mechanisms across delivery.
• Experience supporting organisational change, adoption, and cyber capability transition.
• Experience working within secure collaboration and documentation environments.
• Experience handling confidential client information in line with security, data protection, and NDA requirements.

 

Experience

• Proven experience in senior cyber delivery, cyber assurance, or cyber technical authority roles.
• Experience supporting cyber portfolios or transformation programmes in regulated or operationally critical environments.
• Experience with CAF, eCAF, NIS, ISO 27001, NIST CSF, or equivalent frameworks.
• Experience defining technical priorities, roadmaps, control gaps, and remediation activities.
• Experience supporting regulatory, audit, or assurance readiness.
• Experience working with senior IT, cyber, architecture, operations, and transformation stakeholders.
• Experience managing cyber risks, dependencies, constraints, and delivery trade‑offs at portfolio or programme level.
• Experience overseeing suppliers or delivery partners implementing cyber capabilities.
• Experience supporting transition into BAU, including operating models, handover planning, and service ownership.

 

Benefits

• Collaborative working environment – we stand shoulder to shoulder with our clients and our peers through good times and challenges  
• We empower all passionate technology loving professionals by allowing them to expand their skills and take part in inspiring projects   
• Expleo Academy - enables you to acquire and develop the right skills by delivering a suite of accredited training courses  
• Competitive company benefits
• Always working as one team, our people are not afraid to think big and challenge the status quo 

 

• As a Disability Confident Committed Employer we have committed to:
• Ensure our recruitment process is inclusive and accessible
• Communicating and promoting vacancies
• Offering an interview to disabled people who meet the minimum criteria for the job
• Anticipating and providing reasonable adjustments as required
• Supporting any existing employee who acquires a disability or long term health condition, enabling them to stay in work at least one activity that will make a difference for disabled people

“We are an equal opportunities employer and welcome applications from all suitably qualified persons regardless of their race, sex, disability, religion/belief, sexual orientation or age”. 

 

We treat everyone fairly and equitably across the organisation, including providing any additional support and adjustments needed for everyone to thrive