At Heathrow, you’ll be working at the intersection of national security, global travel, and cutting-edge technology. This role places you at the centre of safeguarding one of the UK’s most high-profile organisations, offering a platform to make real impact while building lasting professional credibility in cyber risk and assurance.
- Lead the delivery of Heathrow’s Information and Cyber Security Assurance function, covering both internal and third-party environments.
- Oversee the implementation and continuous improvement of our ISMS, ensuring ongoing compliance with ISO 27001, NIS regulations, and other relevant standards (e.g., PCI-DSS, Data Protection).
- Maintain Heathrow’s Cyber Risk Register and ensure it is aligned with broader security and corporate risk governance.
- Oversee assurance activities across critical systems and the supply chain, including audits, risk assessments, and second-line-of-defence validation work.
- Provide clear, authoritative cyber risk reporting to senior stakeholders, regulators (e.g., CAA), government agencies, and industry partners.
- Collaborate with colleagues across Cyber, Technology, Intelligence, Risk, and Operational teams to embed security into the delivery lifecycle and ensure Heathrow’s resilience.
- Support the Heathrow Cyber Governance process, breach management activities, and regulatory responses as required.
- Proven experience leading cyber assurance or risk functions in a complex, regulated, and outsourced technology environment.
- In-depth understanding of ISO 27001, NIS Directive, and associated audit and compliance processes.
- Strong ability to translate technical security risk into business language for a range of audiences — from engineers to executives.
- Familiarity with a wide range of cyber security technologies (e.g., SIEM, incident response, vulnerability management, O365 protection, threat intelligence).
- Experience managing cyber security assurance across both IT and OT environments and working with third-party supply chains.
- Skilled in building and influencing relationships with internal stakeholders and external agencies, including regulators or auditors.
- Degree-level education or equivalent experience.
- Relevant security certifications (e.g., CISSP, CISM, CRISC, CCSK, GCIA, GCIH).
- Strong knowledge of cyber risk management frameworks and governance models.
- Desirable: Experience working with cloud environments, especially Microsoft Azure, and understanding of cloud security best practices.
- Desirable: Exposure to Critical National Infrastructure (CNI) or aviation regulatory environments.
There’s something so special about working at the world’s most iconic airport. Its sights. Its sounds. Its constant air of excitement. Heathrow is an amazing backdrop to a career filled with unique opportunities.
Every day, you’ll discover a world full of fresh possibilities and end the day buzzing with stories to tell, as you encounter people from all cultures, nationalities and experiences. A world full of pride for what we do and no end of exciting career prospects to explore.
It brings out the best in all of us. And inspires everyone to deliver on our ambitious plans. Together, we’re working to welcome millions more passengers while ensuring aviation can continue to be a force for good by leading global efforts in sustainability.
Join us on that journey and we'll help you achieve your ambitions too. Supporting you to learn, encouraging you to be yourself, backing you to achieve more than you might ever have imagined. Because there’s no place like Heathrow.
Our rewards
We offer competitive salaries and excellent benefits that will support you now and in the future. As well as performance-based annual bonuses and our longer-term Share in Success Bonus plans, we also offer generous annual leave allowances and market-leading pensions. With family friendly policies, access to private health insurance and a wide range of wellbeing tools, we’ll support you to be at your best inside and outside work. And of course, we’ll provide varied learning and development opportunities too. Here you’ll find everything you need for a fulfilling career journey that can take you in exciting directions.
Working Location
Our Hybrid working approach offers the opportunity for colleagues in some roles to work from home for an average of two days a week, providing the flexibility to work in an agile way whilst ensuring we deliver for the operational needs of Heathrow. Working arrangements vary from team to team and will be confirmed during the recruitment process. You’ll need to be based in the UK and within a commutable distance to Heathrow.
Sustainable Travel to work
Heathrow’s Sustainable Travel Guide sets out easy and sustainable travel options that everyone can access.
Equal Opportunities
As an equal opportunities employer, we encourage applications from all. We believe that diverse talent makes us stronger – not least because we welcome passengers from all corners of the globe, every single day. Heathrow is an accessible place to work. With five diversity networks, we champion inclusivity and celebrate individuality.