Together, we’re working to welcome millions more passengers, while ensuring aviation can continue to be a force for good by leading global efforts in sustainability. At Heathrow, you can be part of this – providing solutions that make every journey better for millions each year. That means ensuring we meet the changing needs of the passengers, colleagues and partners who use our airport to work, travel, trade, shop, eat, explore and connect. Our Solutions team covers project management, process improvement, business change, technology, cyber defence, masterplanning, infrastructure and procurement. It brings together people with the skills to deliver prestigious and often large-scale projects, from transforming terminals to making big reductions in our carbon emissions.
Every day will test your skills and give you the opportunity to make your mark. You might be working with the technology and data that power our city within a city, driving vital commercial agreements with everyone from retailers to airlines, or improving the unique infrastructure that includes everything from 200 buildings to 250 HV substations. It’s a collaborative environment, where you can rely on the support of the experts around you as you take on projects you’ll both take pride in and feel passionate about.
We’re looking for a Cyber Security Analyst – Vulnerability Management to play a vital role in protecting our organisation’s IT environments. Reporting to the Cyber Security Manager – Vulnerability Management, you’ll be responsible for identifying, assessing, and driving the remediation of security vulnerabilities across our technology estate. Your work will be essential in helping the organisation maintain a strong and resilient security posture.
This role is key to proactively managing cyber risk, ensuring alignment with regulatory requirements, and supporting overall business continuity. You’ll work across teams to help prioritise and reduce vulnerabilities, making a real contribution to enterprise-wide security.

UAR ACCOUNTABILITIES:

• Understand and maintain the ISP-025 User Access Review procedure Create and maintain a plan, action logs, schedule regular review meetings and ensure actions are closed for user access reviews
• Conduct and/ or facilitate regular User Access Reviews with key stakeholders and complete a quality check activity Repeat the review exercise as per the Control Calendar published by the Cyber assurance team at the minimum of every six months
• Create regular reporting of progress to the Company cyber assurance team in accordance with the Control Calendar and team KPIs Create and maintain effective user management of access controls to the team SharePoint including performing regular access reviews
• Complete user access related activities as required by the control calendars Maintenance of engagement and communication with company assurance team, system SMEs and, where necessary, third-party suppliers’ SMEs

CAR ACCOUNTABILITIES

• Understand, analyse, and deliver business requirements in context of business intelligence related to the CAR Create regular reviews and progress of the CAR
• Understand the CAR data, analyse previous and current data and spot key performance indicators to support and meet CAR objectives Use the CAR to transform Heathrow’s business requirements into technical publication.
• Document all aspects of the CAR, from algorithms, parameters, models, all definitions, and configurations into well-defined documentation such as procedures and manuals Improve and enhance the CAR to meet Heathrow technical and strategic requirements and future changes Support the team with regulatory and compliance activities such as but not limited to Aviation regulations, UK legislation and compliance such as PCI-DSS
• Support development and contribute to fit-for-purpose security policies and maintain baseline standards and patterns, frameworks and roadmaps with the team’ that deliver the strategic goals, business priorities and comply with technical and industry/regulatory standards Support and development of plans and roadmaps for the Cyber Security Team
• Proficiency or familiarity with data science, business intelligence, and data analytics, aware of data integration and modelling, along with presentation tactics and concepts
• Experience of working with BI tools. Experience completed in working with BI systems, with ability to create and build rich dashboards
• Demonstrates experience of building, maintaining, and influencing relationships with a range of internal and external stakeholders
• Good facilitation and negotiation skills – ability to influence teams, stakeholders and individuals and motivate them
• Innovative thinking, self-starter and drive to be successful and complete is a key requirement for this position; needs to probe and follow through
• Ability to extract and summarise information such as learnings from exercises and incidents for Senior Stakeholders and other colleagues
• Ability to attain Security Clearance at CTC or higher (e.g., SC, DV) Experience of working with Operational Technology (OT) Security and understanding of thechallenges and opportunities in linking with OT Security with a compliance regime

Please refer the Job description for details