Overview
We are looking for an experienced Programme Manager to lead a major cybersecurity and compliance improvement programme. The role focuses on strengthening cyber resilience, governance, and assurance in a regulated operational environment.
You will manage a high‑profile programme, working closely with client leaders, operational teams, and technical specialists. Strong consultancy experience and a background in cyber governance, compliance uplift, assurance, and business change are essential. Knowledge of CAF and ideally eCAF is highly beneficial. This is a client‑facing leadership role that requires strong delivery discipline, clear communication, and the ability to drive progress across multiple workstreams.
Responsibilities
* Lead the cybersecurity and compliance improvement programme for a key client in the water sector.
* Build and maintain integrated programme and project plans aligned to milestones, dependencies, and regulatory priorities.
* Set up and run governance structures, including steering groups, RAID management, reporting, and decision forums.
* Coordinate delivery across client teams, SMEs, operational staff, suppliers, and third parties.
* Identify, track, and escalation of risks, issues, assumptions, and dependencies.
* Shape and support the delivery of remediation and improvement plans following assessments or assurance activities.
* Manage budgets, forecasting, and resource planning.
* Ensure deliverables meet required quality levels and comply with regulatory and client expectations.
* Work closely with cybersecurity and operational teams to align technical, business, and operational needs.
* Contribute insights to support the growth of the Expleo Cybersecurity Practice.
Qualifications
* Degree or equivalent experience in Programme Management, Business Change, IT, Cybersecurity, Engineering, or similar.
* Project/programme management certifications (PRINCE2, APM, MSP, PMP, etc.).
* Knowledge of CAF, eCAF, NIST CSF, ISO 27001, or similar frameworks (highly desirable).
Essential skills
* Strong programme governance and structured delivery management experience.
* Ability to define strategy, direction, and long‑range plans for multi‑workstream programmes.
* Good understanding of cyber governance, compliance, assurance, and control improvement.
* Practical experience with CAF and ideally eCAF‑related delivery.
* Ability to apply structured delivery methods in regulated environments.
* Strong leadership, communication, and self‑management skills.
* Confident influencer who can engage senior stakeholders.
* Proficiency with Microsoft tools and standard governance/reporting tools.
* High attention to detail and strong quality focus.
Desired skills
* Understanding of cybersecurity challenges across IT and OT environments.
* Knowledge of operational resilience and service continuity considerations.
* Consultancy background with strong client relationship skills.
* Experience with supplier coordination or cross‑functional transformation.
* Ability to turn high‑level objectives into structured plans and governance outputs.
Experience
* Experience coordinating multi‑disciplinary teams across business, IT, operations, and suppliers.
* Experience in regulated or critical national infrastructure environments (desirable).
* Experience in water, utilities, energy, or other CNI sectors.
* Strong experience in governance, reporting, and stakeholder management.
* Proven cybersecurity‑related delivery experience (compliance uplift, assurance, remediation, policy, etc.).
* Experience working across technology, operational, business, and supplier landscapes.
* Background in CNI‑regulated sectors (highly desirable).
* Experience with infrastructure, operational resilience, or transformation programmes is beneficial.
* Consultancy or professional services delivery experience is an advantage.
* Experience in programme or project delivery, ideally with large, complex, or multi‑workstream initiatives
* Evidence of ongoing professional development.
* Experience supporting regulatory, assurance, or compliance‑driven programmes.
Benefits
* Collaborative working environment – we stand shoulder to shoulder with our clients and our peers through good times and challenges.
* We empower all passionate technology‑loving professionals by allowing them to expand their skills and take part in inspiring projects.
* ExpleoAcademy – enables you to acquire and develop the right skills by delivering a suite of accredited training courses.
* Competitive company benefits.
* Always working as one team, our people are not afraid to think big and challenge the status quo.
* As a Disability Confident Committed Employer we have committed to:
* Ensure our recruitment process is inclusive and accessible.
* Communicating and promoting vacancies.
* Offering an interview to disabled people who meet the minimum criteria for the job.
* Anticipating and providing reasonable adjustments as required.
* Supporting any existing employee who acquires a disability or long‑term health condition, enabling them to stay in work at least one activity that will make a difference for disabled people.
We are an equal opportunities employer and welcome applications from all suitably qualified persons regardless of their race, sex, disability, religion/belief, sexual orientation or age.
We treat everyone fairly and equitably across the organisation, including providing any additional support and adjustments needed for everyone to thrive.
#LI-DS1
J-18808-Ljbffr