Cyber Security Manager, Risk 2

Together, we’re working to welcome millions more passengers, while ensuring aviation can continue to be a force for good by leading global efforts in sustainability. At Heathrow, you can be part of this – providing solutions that make every journey better for millions each year. That means ensuring we meet the changing needs of the passengers, colleagues and partners who use our airport to work, travel, trade, shop, eat, explore and connect. Our Solutions team covers project management, process improvement, business change, technology, cyber defence, masterplanning, infrastructure and procurement. It brings together people with the skills to deliver prestigious and often large-scale projects, from transforming terminals to making big reductions in our carbon emissions. 

Every day will test your skills and give you the opportunity to make your mark. You might be working with the technology and data that power our city within a city, driving vital commercial agreements with everyone from retailers to airlines, or improving the unique infrastructure that includes everything from 200 buildings to 250 HV substations. It’s a collaborative environment, where you can rely on the support of the experts around you as you take on projects you’ll both take pride in and feel passionate about.

To support you with the application process, we invite you to visit the Heathrow Careers Hub. The Job Application support area includes guidance on responding to application questions, as well as useful hints and tips on CV writing. You’ll also find more information about other ways to support you in developing your career, including career stories, career planning, mentoring and access to online learning.

The Cyber Security Manager, Risk will be accountable for delivering the day-to-day oversight and management of cyber risk management.

To view the full job description, please click here: HAL_C_Cyber Security Manager.docx

• Lead and develop the Cyber Risk team, driving a culture of proactive and effective risk management.
• Own and continuously improve cyber risk policies and frameworks, ensuring alignment with Heathrow standards and industry best practice.
• Embed mature risk management practices across the business, identifying, assessing, and managing risks through modern tools and stakeholder engagement.
• Oversee audits and third-party risk management, coordinating internal/external reviews and ensuring follow-up actions are completed.
• Provide expert analysis, reporting, and guidance on emerging cyber and information security threats to support informed decision-making.

• Degree-educated (or equivalent experience) with experience in cyber risk management, ideally across IT and OT environments.
• Holds or working towards relevant certifications such as CISSP, CISM, C-RISC, CISA, or ISO 27001 Lead Auditor/Implementor.
• Strong knowledge of information security controls, standards and frameworks, including ISO 27001, NIST, and NCSC CAF.
• Solid understanding of the UK cyber regulatory landscape, particularly the NIS Regulations 2018; aviation sector experience (e.g. CAP1753) advantageous.
• Experienced in applying risk management frameworks (e.g. ISO 27005, NIST RMF) within complex operational environments.
• Proven leadership and stakeholder management skills, able to collaborate effectively with both technical SMEs and senior executives.