Cyber Security Manager, Risk

Introduction
Together, we're working to welcome millions more passengers, while ensuring aviation can continue to be a force for good by leading global efforts in sustainability. At Heathrow, you can be part of this – providing solutions that make every journey better for millions each year. That means ensuring we meet the changing needs of the passengers, colleagues and partners who use our airport to work, travel, trade, shop, eat, explore and connect. Our Solutions team covers project management, process improvement, business change, technology, cyber defence, masterplanning, infrastructure and procurement. It brings together people with the skills to deliver prestigious and often large-scale projects, from transforming terminals to making big reductions in our carbon emissions.

Every day will test your skills and give you the opportunity to make your mark. You might be working with the technology and data that power our city within a city, driving vital commercial agreements with everyone from retailers to airlines, or improving the unique infrastructure that includes everything from 200 buildings to 250 HV substations. It's a collaborative environment, where you can rely on the support of the experts around you as you take on projects you'll both take pride in and feel passionate about.

Job Description
As Cyber Security Manager, Risk, you'll lead Heathrow's day-to-day cyber risk management, driving a proactive, business-wide approach to identifying and managing threats. You'll shape and refine our risk policies and standards, ensure compliance through close collaboration with assurance teams, and build strong relationships with regulators to meet our obligations under the NIS Regulations and wider cyber resilience standards.

Your role will involve

• Lead day-to-day cyber risk management, ensuring risks are identified, assessed, and managed effectively across the business.
• Develop and enhance risk management policies and standards, aligning with industry best practice and Heathrow's enterprise risk framework.
• Work closely with assurance teams to oversee compliance of key systems and drive corrective actions where needed.
• Engage with regulators and authorities, including the Civil Aviation Authority, to support Heathrow's compliance with NIS Regulations and other cyber resilience requirements.
• Champion a culture of proactive risk management, driving continuous improvement and alignment with Heathrow's strategic goals

These Skills Are Essential

• Degree-educated (or equivalent experience) with experience in cyber risk management, ideally across IT and OT environments.
• Holds or working towards relevant certifications such as CISSP, CISM, C-RISC, CISA, or ISO 27001 Lead Auditor/Implementor.
• Strong knowledge of information security controls, standards and frameworks, including ISO 27001, NIST, and NCSC CAF.
• Solid understanding of the UK cyber regulatory landscape, particularly the NIS Regulations 2018; aviation sector experience (e.g. CAP1753) advantageous.
• Experienced in applying risk management frameworks (e.g. ISO 27005, NIST RMF) within complex operational environments.
• Proven leadership and stakeholder management skills, able to collaborate effectively with both technical SMEs and senior executives.

About Us
There's something so special about working at the world's most iconic airport. Its sights. Its sounds. Its constant air of excitement. Heathrow is an amazing backdrop to a career filled with unique opportunities.

Every day, you'll discover a world full of fresh possibilities and end the day buzzing with stories to tell, as you encounter people from all cultures, nationalities and experiences. A world full of pride for what we do and no end of exciting career prospects to explore.

It brings out the best in all of us. And inspires everyone to deliver on our ambitious plans. Together, we're working to welcome millions more passengers while ensuring aviation can continue to be a force for good by leading global efforts in sustainability.

Join us on that journey and we'll help you achieve your ambitions too. Supporting you to learn, encouraging you to be yourself, backing you to achieve more than you might ever have imagined. Because there's no place like Heathrow.

Our rewards
We offer competitive salaries and excellent benefits that will support you now and in the future. As well as performance-based annual bonuses and our longer-term Share in Success Bonus plans, we also offer generous annual leave allowances and market-leading pensions. With family friendly policies, access to private health insurance and a wide range of wellbeing tools, we'll support you to be at your best inside and outside work. And of course, we'll provide varied learning and development opportunities too. Here you'll find everything you need for a fulfilling career journey that can take you in exciting directions.

Working Location
Our Hybrid working approach offers the opportunity for colleagues in some roles to work from home for an average of two days a week, providing the flexibility to work in an agile way whilst ensuring we deliver for the operational needs of Heathrow . Working arrangements vary from team to team and will be confirmed during the recruitment process. You'll need to be based in the UK and within a commutable distance to Heathrow.

Sustainable Travel to work
Heathrow's Sustainable Travel Guide sets out easy and sustainable travel options that everyone can access.

Equal Opportunities
As an equal opportunities employer, we encourage applications from all. We believe that diverse talent makes us stronger – not least because we welcome passengers from all corners of the globe, every single day. Heathrow is an accessible place to work. With five diversity networks, we champion inclusivity and celebrate individuality.