Joining Arup
Arup’s purpose, shared values and collaborative approach has set us apart for over 75 years, guiding how we shape a better world. Arup is a multidisciplinary firm of designers, planners, engineers, consultants, and technical specialists who work across every aspect of today’s built environment. Together we help our clients solve their most complex challenges – turning exciting ideas into tangible reality as we strive to find a better way and shape a better world.
The Opportunity
The role of a Cyber Security Consultant in the built environment is of paramount importance, especially when it comes to safeguarding critical infrastructure. This role provides expert guidance and aid in ensuring the security and protection of digital systems, infrastructure, and data within the built environment. We implement robust security measures, raise awareness, and develop effective response plans to protect the integrity of essential systems and the well‑being of society.
You Will Be Expected To
- Work directly with clients to identify their cyber risks, scope innovative and sustainable solutions to address those risks, estimate cybersecurity engagements and assist in proposal development.
- Conduct comprehensive risk assessments to identify potential cyber threats and vulnerabilities in the built environment.
- Develop and implement effective cyber security strategies and policies aligned with industry best practices and regulatory needs.
- Deliver effective oversight and assurance programmes to identify, manage and mitigate cyber risk.
- Manage project delivery, including task and commercial management, and manage cybersecurity staff by recruiting, training, and coaching employees.
Qualifications
- A qualification in Engineering, Computer Science, Information Security, or a related field.
- A relevant cyber‑security professional qualification (or demonstrable evidence of working towards a qualification) including, but not exclusively, NCSC Associate Cyber Professional (ACP), CISSP, CISM, CCSP, CWSP, CRISC, or CISA.
- A background in cyber security as a consultant or within an organisation that operates physical assets.
- Proven people‑management background to provide coaching and development for others to maximize their potential.
- Familiarity with built‑environment (ICS/OT) industry practices and technologies.
- Knowledge of relevant regulations and standards, such as NIST Cybersecurity Framework, ISO 27001, and IEC 62443.
Not ready to apply just yet, or have a few questions? Contact Marek Mazurowski (marek.mazurowski@arup.com). Please note, to keep GDPR compliant, do not send your CV directly to us via this email.
What We Offer You
At Arup we care about each member’s success, so we can grow together. Guided by our values, we provide an attractive total reward package that recognizes the contribution of each member to our shared success. In addition to competitive pay, we offer a career where you can belong, grow, and thrive through benefits that support health and wellbeing, a wide range of learning opportunities and many possibilities to make an impact through the work you do. We also provide private medical insurance, life assurance, accident insurance and income protection cover, and flexible benefits to help you look after all aspects of your wellbeing.
Different People, Shared Values
Arup is an equal‑opportunity employer that actively promotes and nurtures a diverse and inclusive workforce. We welcome applications from individuals of all backgrounds, regardless of age, gender identity or expression, marital status, disability, neurotype or mental health, race or ethnicity, faith or belief, sexual orientation, socioeconomic background, and whether you’re pregnant or on family leave. Guided by our values and alignment with the UN Sustainable Development Goals, we create equitable spaces, cultivate belonging for all, and support inclusive networks across race, ethnicity, gender equity, LGBTQ+ and disability inclusion. Discover more about life at Arup at www.arup.com/careers/your-life-at-arup.
Our Application Process
To understand what to expect next, please visit: https://www.arup.com/careers/recruitment-process/. Stay safe online – Arup will never ask for your bank details as part of our recruitment process. Recruitment agencies: we have a preferred supplier list of trusted partners, and do not acknowledge speculative CVs or unsolicited candidate introductions from agencies not on the list.
Closing date: 23rd November 2025
