Cyber Security Risk and Assurance Manager
This is your chance to join an organisation that matters to millions. Heathrow is a city within a city – interesting and ever changing. As critical national infrastructure, we’re playing our part in keeping the economy moving by helping to facilitate travel and trade.
Joining us now means becoming a key part of our recovery, bringing challenges and exciting opportunities as you grow your career. In 2020, we went from welcoming 80 million passengers each year and flying to over 180 destinations, to focusing on helping to facilitate the transportation of vital supplies – like medicines – and repatriation flights for the UK. As we move into 2021, we have a strong plan in place to accelerate our recovery and build back better.
We’ve not lost our focus on innovation throughout the pandemic, introducing contactless passenger journeys and UV robots to keep our airport clean and safe for colleagues and passengers. Our values remain strong. Our plans to decarbonise aviation and reach net-zero by 2050, and our continuous efforts to be a diverse and inclusive working environment, are at the heart of our organisation.
This role is a key part of the management and delivery of cyber risk and assurance in the Security Strategy and Cyber Defence Team. The Security Strategy and Cyber Defence team forms an integral part of the Technology Directorate at Heathrow.
Your role will involve:
- Develop, maintain and improve the Heathrow ISMS based on Information, IT (Information Technology) and OT (Operational Technology) Cyber risk
- Oversee and maintain the delivery of assurance activities in compliance with iso27001 ISMS and NIS regulations (plus others
- Oversee critical asset identification and risk assessments
- Lead on the second line of defence assurance work post NIS directive and iso27001 certification
- Create a framework for scoping critical systems and undertake Information and Cyber assurance activities of Heathrow’s’ supply chain
- Monitor the implementation of effective risk management/cyber security practices by performing periodic inspections, tests and review to ensure systems and processes are operational as per the ISMS and NIS/iso27001 program
These skills are essential:
- Experience of exposing security risks to audit review
- Specialist in Information Assurance and Cyber Security
- Knowledge and application of Information Risk Management to enable guidance from central principles
Ideally, you’ll also have:
- IT Security qualification CRISC/ CISSP / CISM
As well as competitive salaries, we’re committed to providing a whole host of great benefits that make this an even more rewarding place to work. They include an excellent pension scheme, life assurance, access to private health insurance and a share in our success scheme. Not only that, when you get here, we’ll nurture your skills and do all we can to help you reach your full potential.
A career with us also means being part of an organisation that cares about the community. Our plan is to meet growing passenger demand in a sustainable way that creates a positive impact on our community – and the environment. That’s why, by 2030, we want at least half of all journeys to the airport to be made by public and sustainable transport.
Join us, and you’ll have everything you need to succeed and explore the countless career destinations that are available here.
As an equal opportunities employer, we encourage applications from a diverse range of individuals. We believe that diverse talent makes us stronger – not least because we welcome passengers from all corners of the globe, every single day. At Heathrow we’re an accessible place to work, driven by inclusivity and celebrating individuality. For more information, please visit our diversity & inclusion page.