Aviation Cyber Security Lead

Key Responsibilities

• Part-IS and other aviation-specific security frameworks 
• ISA/IEC 62443 requirements and application to aviation OT 
• Penetration testing techniques relevant to OT and aviation systems 
• Avionics, airport infrastructure, ground systems, airline operational technologies 
• Lead and oversee cyber engagements within the aviation ecosystem, including:  
• Airports, ANSPs, MNO, airlines, OEMs, ground handling, avionics suppliers 
• Safety-critical OT networks and mission-critical control systems 

• OT penetration testing 
• Threat modelling and risk assessments 
• Security architecture review for aviation technologies 
• Compliance assessments and gap analyses (Part-IS, 62443, NIS2 where applicable) 
• Oversee technical quality, ensuring best-in-class delivery to clients. 

• Support the creation and refinement of NCC Group’s aviation services and propositions.

• Identify opportunities 
• Create proposals 
• Participate in client meetings and presentations 
• Represent NCC Group at aviation cyber conferences, industry forums, and working groups. 

• Operate as part of the wider Global Transport Practice, contributing to multi-modal cyber projects. 

• Rail 
• Maritime 
• Automotive 
• Work closely with colleagues across geographies to develop integrated cyber security solutions. 

• Coach and mentor internal consultants on aviation cyber security concepts, systems, and regulations. 
• Develop internal guidance, training materials, and workbooks/playbooks. 
• Promote a collaborative, high-performance culture. 

• Act as a trusted advisor to stakeholders at all levels. 
• Ensure exceptional client experience through clear communication, professionalism, and delivery excellence. 
• Build long-term relationships with global aviation customers. 

Skills, Knowledge and Expertise

• Airports 
• Airlines 
• OEMs 
• Avionics manufacturers 
• ANSPs 

• Part-IS 
• ISA/IEC 62443 
• OT networks, architectures, and protocols 
• Security risk assessment in safety-critical environments 

• Penetration testing (OT preferred) 
• Threat modelling 
• Incident response 
• Architecture review 
• Comfortable providing client-facing advisory services. 
• Experience working in or with regulated environments. 
• Ability to simplify complex cyber concepts for diverse audiences. 

• Certifications (one or more):  GICSP, CISSP, CISM, CRT/OSCP, CISA, CCSFP, 62443 certificates, CREST 
• Background in engineering, avionics, or airport operations. 
• Experience with NIS/NIS2, EASA, FAA, ICAO cyber requirements. 
• Experience contributing to sales or pre-sales cycles. 

Benefits

• Flexible Working: Balance your work and personal life with our flexible working options. 
• Generous Holiday Allowance: Enjoy 25 days of holiday, plus bank holidays, with the option to buy up to 5 additional days of annual leave. 
• Medicash & Critical Illness Scheme 
• Financial & Investment Benefits: Enjoy peace of mind with our Pension, Life Assurance, and Share Save Scheme. 
• Community & Volunteering Programmes: Make a difference in your community with our volunteering opportunities. 
• Green Car Scheme: Drive green and save money with our eco-friendly car scheme. 
• Cycle Scheme: Stay fit and healthy with our cycle-to-work scheme. 
• Special Time Off: Take time off for those big moments in life, like getting married/entering into a civil partnership, becoming a grandparent, and welcoming home a new pet. 
• Family Planning: Benefit from our generous maternity and paternity leave, as well as time off and support for those undergoing fertility treatments.