OT Cybersecurity Technical Lead - Rail Sector
Join to apply for the OT Cybersecurity Technical Lead - Rail Sector role at Expleo Group.
Expleo is a trusted partner for end-to-end, integrated engineering, quality services, and management consulting for digital transformation. We help businesses harness technological change to deliver innovations that provide a competitive advantage and improve everyday life worldwide.
As part of the Expleo Digital and Emerging Technology (DET) team, reporting to the Head of Cybersecurity, you will join our Cybersecurity Practice. We seek a highly experienced OT Cybersecurity Technical Lead to support a strategic client engagement in the UK rail sector, focusing on operational technology and safety-critical infrastructure security.
You will lead the technical assurance and delivery of cybersecurity activities across a programme involving legacy and modern OT systems, rail-specific technologies, and industrial control components. You will collaborate with engineering and operational teams to embed cybersecurity throughout the lifecycle, ensuring compliance with UK rail regulations, industry standards, and best practices.
Responsibilities
* Act as the cybersecurity technical lead for a key UK rail client engagement, focusing on OT and safety-critical systems.
* Provide hands-on technical leadership to guide secure delivery, ensuring alignment with project requirements and standards.
* Collaborate with client teams to integrate cybersecurity into system design, deployment, and operations.
* Define cybersecurity requirements for rail-specific, legacy, and modern industrial platforms.
* Support security risk assessments, threat modeling, and control frameworks per standards.
* Contribute to assurance artefacts, including security cases, risk registers, and compliance documentation.
* Provide expertise on OT protocols, SCADA systems, field devices, and network architecture.
* Engage with stakeholders, suppliers, and technical teams to ensure collaboration and secure outcomes.
* Mentor and support team members embedded within the client account.
* Participate in knowledge sharing and capability development within the Cybersecurity Practice.
Qualifications
* A degree or equivalent in Cybersecurity, Systems Engineering, Electrical/Electronic Engineering, or related fields.
* Recognised cybersecurity certifications such as CISSP, CISM, CISA, GICSP, SABSA, or similar.
* Certifications or training in OT security like IEC 62443, GIAC GICSP, SCADA/ICS security, or vendor-specific platforms.
* Knowledge of rail sector security and safety standards is highly desirable.
* Understanding of UK regulatory frameworks including NIS/NIS2 and UK CNI.
* Additional certifications in Secure by Design, systems assurance, or control systems architecture are advantageous.
* Continuous professional development in OT security trends and resilience practices.
Essential Skills
* Deep understanding of OT environments, including SCADA, field devices, protocols, and control networks.
* Strong grounding in cybersecurity principles for critical infrastructure, threat modeling, and risk analysis.
* Ability to define, implement, and assure security controls in complex OT/IT systems.
* Experience integrating cybersecurity into engineering lifecycles and requirements.
* Knowledge of cybersecurity and safety standards.
* Excellent communication and stakeholder engagement skills.
* Ability to produce high-quality documentation and assurance artefacts.
* Familiarity with UK cybersecurity regulations and sector guidance.
* Leadership in technical discussions and delivery planning.
* Adaptability and focus on delivery in complex environments.
Desired Skills
* Knowledge of safety-critical system design and safety-security interactions.
* Experience with engineering governance tools and requirement traceability.
* Involvement in cybersecurity audits or regulatory reviews.
* Understanding supply chain security and third-party risk management.
* Experience in incident response, resilience testing, or crisis management in OT.
* Ability to create cybersecurity architecture documentation and reference models.
Experience
* Proven cybersecurity experience in OT, control systems, or industrial environments.
* Track record in delivering cybersecurity outcomes in complex infrastructure projects, ideally in the UK rail or safety-critical transport sectors.
* Leadership or coordination experience across multidisciplinary teams.
* Hands-on implementation and assurance of security controls in OT, including legacy systems and SCADA.
* Knowledge of UK standards like TS 50701, IEC 62443, ISO/IEC 27001.
* Experience integrating cybersecurity into systems engineering and governance frameworks.
* Client-facing roles involving technical reviews, risk assessments, and compliance.
* Experience working within regulated or secure environments, understanding classification and physical security.
* Mentoring or supporting junior cybersecurity engineers.
* Contribution to internal capability development and pre-sales support.
* Experience in regulated CNI sectors is a plus.
Pre-application Requirements
* You must have the right to work in the UK.
* Strong background in cybersecurity delivery within OT, preferably in rail or transportation.
* Proven ability to lead cybersecurity workstreams and engage stakeholders.
* Collaborative mindset focused on delivery, quality, and regulatory compliance.
Benefits
* Collaborative working environment supporting skill expansion and inspiring projects.
* ExpleoAcademy training for skill development.
* Competitive benefits package.
* Inclusive culture promoting diversity and accessibility.
"We are an equal opportunities employer and welcome applications from all qualified persons regardless of race, sex, disability, religion, sexual orientation, or age."
Additional Details
* Seniority level: Mid-Senior level
* Employment type: Full-time
* Job function: Information Technology
* Industries: IT Services and IT Consulting
#J-18808-Ljbffr