Share this Job

Cyber Security Certification Specialist

Apply now »

Date: 20-Jun-2022

Location: Gatwick, GB

Company: Civil Aviation Authority

Salary: £55,000 to £65,000 dependant on experience


Contract Type: Permanent


We are the UK's aviation regulator and recognised as a world leader in its field. Our activities are diverse, enabling the aviation industry to meet the highest safety standards, and we pride ourselves on our ability to adapt to the constantly evolving aviation environment.


The Role


As a Cyber Security Certification Specialist, you will be responsible for establishing and delivering cyber security responsibilities in close collaboration with the broader safety and security teams.   Working with a team of technical specialists that will support the CAA’s diverse cyber security certification and oversight activities.


Reporting to the Cyber Security Certification Lead,  you will be responsible for the delivery of cyber security approvals on initial certification and continued airworthiness of aviation products. This will be across many domains including those relating to commercial air transport, general aviation, remotely piloted air systems, space flight and innovation projects.


Industry and regulatory engagement will be required to ensure that the CAA maintains its status as a diverse, forward thinking, proactive and innovation-enabling regulator.


Core Accountabilities:


  • Establish and deliver cyber security responsibilities in accordance with applicable national and international regulation
  • Manage the effective and consistent cyber security risk assessment of applications and ensure efficient and effective stakeholder engagement through to acceptance
  • Determine compliance with cyber security requirements and make recommendations for initial approval of or changes to aerospace products Perform cyber security audits of the compliance and performance of approved Design Organisations in line with Performance Based Regulation (PBR) principles
  • Clarify existing cyber security requirements and contribute to the development of new ones to cover new technology, novel applications of existing technology and future proposals
  • Ensure that all cyber security recommendations and decisions are proportionate to the needs and safety expectations of the sector and are consistent with extant regulatory policy (using objective risk assessment techniques as necessary)
  • Act as the primary focal point and SME for all CAA regulatory cyber security design and certification requests, working in close collaboration with all CAA capability areas including but not limited to Airworthiness, Remotely Piloted Aerial Systems, Innovation, and the General Aviation Unit
  • High levels of stakeholder liaison both within and outside the CAA, incorporating other regulatory bodies and industry groups
  • Development and delivery of aerospace cyber security training and guidance as necessary
  • Support effective contributions to national and international aerospace cyber policy development (both directly and indirectly)
  • Development of aerospace cyber security policies, standards, and guidance consistent with the CAA’s Cyber Security objectives, CAA safety, security and business needs and Better Regulation principles


About You


To be considered for this role we are looking for:


  • Relevant degree or certification related to cyber certification, security by design or security architecture are highly desirable. (e.g. NCSC CCP IA Architect, CREST Registered Technical Security Architect, CISSP – ISSAP)
  • Experience in cyber security by design and/or security architecture as well as demonstrable experience or awareness of at least one of the following areas:


    • Cyber risk assessments
    • Secure software development
    • Communication and network security
    • Security assessment and testing
    • IOT security
    • Security operations and monitoring
    • Asset security


  • Aerospace knowledge or experience is highly desirable including knowledge of relevant aviation cyber related regulation (NIS, EASA Basic Regulation (EC) 216/2009 Article 8 and Annex V, EASA Part 21, Space Industry Act 2018)
  • Personal attributes of the post holder will include team worker with flexible and adaptable work ethos, highly analytic and lateral thinker with an eye for detail; methodical and critical systems thinking; you are creative and innovative with a strong ability to problem solve; capable of working under pressure and to tight deadlines
  • Strong verbal and written communication skills with a proven ability to communicate effectively at all levels and to produce concise, unambiguous discussion papers for presentation at various bodies within the CAA and Industry
  • The role holder must be passionate about both cyber security by design and aerospace, staying up to date on relevant trends/issues
  • Must be able to attain and maintain the required security vetting


What Can We Offer You?


If you are passionate about aviation, space and cyber this is a role where you can genuinely make a positive impact (both in the UK and internationally). You will be engaged in a wide range of existing, new, and emerging aviation and space cyber issues and will benefit from an organisation focused on your development and training in this exciting area.


Additional Information

For many appointments within the CAA, these roles require access to operationally sensitive infrastructure and/or Nationally Protected information. For these roles the post holders must undergo National Security Vetting and achieve the appropriate level of clearance.


To be vetted we will usually expect a reasonable period of residency in the UK so that meaningful checks can be undertaken. This can either be 3 years or 5 years depending on the level required (CTC or SC). If you do not meet these requirements, we may not be able to accept your application. For more information please visit - Vetting explained - GOV.UK (


Working With Us

We offer a range of excellent benefits such as flexible working arrangements, free onsite gym at Gatwick, discounted gym membership for London, 28 days annual leave, additional 5 days leave purchase scheme, a generous pension scheme and much more!

We are on a journey towards being increasingly adaptable, where our colleagues collaborate as part of cross-functional teams. This approach ensures we never stop learning together. It also means that you may become involved in activities that take you out of your day to day role, providing you with opportunities to develop and grow your career with us.

We have embraced hybrid working and offer flexible working patterns, being open to having a conversation about what works for you. We know where and when we work is important in achieving a work-life balance.

We are passionate about diversity and ensuring all are included at the CAA. We are an equal opportunity employer and actively encourage applications from candidates of all backgrounds. We use fair and inclusive selection approaches to hire the best person for the job based on merit alone.

As a member of the Disability Confident scheme, applicants who meet the minimum criteria for a role with us will be guaranteed an interview. If you require an adjustment for any reason, please let us know.

Our Values

Do The Right Thing, Never Stop Learning, Build Collaborative Relationships, Respect Everyone – For more information please Click Here

Closing Date: Monday 4th July 2022

Interview Date: W/C Monday 11th or 18th July 2022


We reserve the right to close this vacancy early if we receive sufficient applications for the role. Therefore, if you are interested, please submit your application as early as possible.


No recruitment agencies please.

Job Segment: Cyber Security, Compliance, Developer, Network Security, Security, Legal, Technology, Aviation