Salary: £41,000 - 81,000 per year Requirements: We require relevant education or industry-recognised certification in cybersecurity, systems engineering, software engineering, hardware engineering, computer science, or a related discipline. We consider qualifications such as BSc, MSc, CISSP, CISM, CRISC, Security, CySA, CASP, GIAC, IEC 62443-related certifications, systems engineering qualifications, or equivalent professional experience. We highly value defence, MOD, secure engineering, product security, or accreditation-related experience. We need a strong understanding of cyber engineering across hardware, embedded, and software engineering environments. We require experience supporting the development of secure engineered solutions; IT-only cybersecurity experience is not sufficient. We need the ability to create cyber engineering plans, delivery estimates, and security work packages for projects and bids. We require practical experience producing threat models and cyber risk assessments across the full project lifecycle. We need knowledge of risk management approaches and frameworks such as NIST RMF. We require knowledge of security baselines and control frameworks such as NIST, IEC 62443, or equivalent. We need the ability to define, manage, and track cybersecurity requirements. We require understanding of Secure by Design principles and their application within complex engineering or defence environments. We need the ability to develop and maintain a cybersecurity case, including evidence, assurance arguments, risk decisions, and supporting artefacts. We require understanding of vulnerability analysis, including commissioning external assessments and interpreting findings. We need strong technical documentation skills, including the ability to contribute to cyber operations manuals and technical assurance material. We require the ability to assess supplier cybersecurity evidence and support product cybersecurity assurance activities. We need strong stakeholder engagement skills, including the ability to brief senior stakeholders, customers, and internal cyber assurers. We require the ability to work independently, manage assigned deliverables, and take responsibility for delivery to cost and schedule. We expect proven experience in cyber engineering, product cybersecurity, secure systems engineering, or a closely related discipline. We value experience working on hardware, embedded systems, and/or software engineering projects. We value experience producing cybersecurity artefacts to support assurance, accreditation, or customer acceptance. We value experience working with engineering teams across the project lifecycle, from concept and design through to implementation, assurance, and in-service support. We value experience supporting defence, MOD, secure government, aerospace, critical systems, or other highly regulated engineering environments. We value experience engaging with senior stakeholders, customers, technical authorities, engineering leads, and cyber assurance teams. We value experience supporting MOD security working groups or MOD Secure by Design accreditation processes. We value experience developing in-service cyber support plans and capabilities, including incident response plans, vulnerability management plans, security monitoring or operational support arrangements, and security maintenance and update processes. We value understanding of software, hardware, and embedded development and testing pipelines. We value experience reviewing hardware and software designs for cybersecurity weaknesses. We value experience supporting security assurance for suppliers, third-party products, or integrated systems. We value experience working with safety-related, mission-critical, or operationally constrained systems. We value familiarity with secure development, systems engineering, model-based engineering, or requirements management. Responsibilities: We provide cyber engineering expertise across hardware, embedded, and software engineering projects, bids, and delivery teams. We support the development of secure engineered solutions, ensuring cybersecurity is embedded across the full project lifecycle. We create, estimate, and maintain cyber engineering plans for projects and bids, including activities, artefacts, assumptions, dependencies, and delivery effort. We generate, iterate, and maintain threat models and cyber risk assessments throughout the project lifecycle using appropriate frameworks and methods such as NIST RMF. We identify and define proportionate risk treatments by applying suitable security baselines, including NIST RMF and IEC 62443 where appropriate. We generate, manage, and track security requirements, ensuring traceability from threat, risk, and control decisions through to solution design and assurance evidence. We support MOD security working groups and Secure by Design cybersecurity accreditation activities. We create, maintain, and contribute to the cybersecurity case, ensuring evidence, risk decisions, assumptions, and assurance arguments are clearly documented. We commission, manage, and interpret the results of external vulnerability analysis, ensuring outputs are assessed and incorporated into risk treatment, assurance, and delivery planning. We contribute cyber operations content to technical documentation, including security operating procedures, operational guidance, and cyber operations manuals. We support supplier product cybersecurity assurance, ensuring supplier-provided components, products, or systems can be integrated into the wider cybersecurity case. We review hardware, embedded, and software solution designs for potential cybersecurity weaknesses and recommend proportionate mitigations. We work independently without day-to-day supervision and take responsibility for the delivery of assigned task deliverables. We deliver cyber engineering outputs to agreed cost, schedule, and quality expectations. We lead and contribute to meetings relevant to the delivery of cyber engineering activities. We produce clear written material and brief effectively to senior stakeholders within the client organisation, customer teams, and internal cyber assurance functions. We work closely with engineering, systems, software, hardware, safety, assurance, and programme teams to support secure delivery. We support the growth of our Cybersecurity Practice through knowledge sharing, technical contribution, and client-facing delivery excellence. Technologies: Embedded Hardware Support Security More: We are Expleo UK, and our Cybersecurity Practice is supporting a key client engagement in Belfast. This role is a hands-on cyber engineering position focused on hardware, embedded systems, and software, with an emphasis on secure-by-design delivery, threat and risk assessment, security requirements management, and accreditation support across the project lifecycle. You will work closely with engineering teams, bid teams, customer stakeholders, internal cyber assurers, and MOD-related security groups. The role offers the opportunity to contribute to technically challenging, highly regulated work while helping us grow our cybersecurity capability through knowledge sharing and client-facing delivery excellence. last updated 21 week of 2026