Cyber Security Oversight Specialist

Salary: £50,477 up to £65,000 dependent upon experience

Contract Type: Permanent – Full Time

Security Level: SC

Visa Restrictions: This position does not offer visa sponsorship.

We are the UK's aviation and aerospace regulator and recognised as a world leader in its field. Our activities are diverse, enabling the aviation industry to meet the highest safety standards, and we pride ourselves on our ability to adapt to the constantly evolving aviation environment.

The Role

As a Cyber Security Oversight Specialist, you’ll support the UK’s National Cyber Security Strategy for aviation by overseeing and developing cyber regulation, standards and guidance. You’ll review relevant cyber information, cyber security assessments and corrective action plans to determine compliance by regulated entities with regulations. You will monitor entities’ progress with their corrective actions and hold them to account for any areas of deficiency.

You will also quantify the risks presented by the use of technology within aviation and will evaluate the threats to those technology systems. You will present those evaluations to industry and to other teams within the CAA.

Key Responsibilities:

• Act as the primary focal point and subject matter expert (SME) on aviation and aerospace cyber risks and threats. Chair the Cyber Safety Risk Panel (SRP) within the CAA. Contribute to industry forums.
• Attend other SRPs on Key Risk Areas (KRA) across the CAA to ensure cyber risks to safety are effectively considered across all capability areas.
• Review aviation cyber risks through threat, vulnerability, and impact assessments. Communicate those risks effectively to both industry and the wider CAA to inform decision making regarding aerospace safety and aviation security.
• Communicate that risk to the wider CAA, for example, during KRA SRP meetings.
• Understand how aviation organisations are meeting regulatory cyber security requirements and integrate with Performance Based Regulation (including relevant safety and security management systems).
• Create and update of Cyber Assessment Frameworks, baselines and evidentiary requirements to support the CAA’s Cyber Security Oversight model.
• Review relevant cyber information, mitigation plans and to perform ongoing oversight to determine compliance by regulated entities.
• Develop aviation cyber security policies, standards and guidance consistent with the CAA’s Cyber Oversight objectives, CAA safety, security and business needs and Better Regulation principles.
• Support effective contributions to national and international aviation cyber policy development (both directly and indirectly).
• Develop and deliver aviation cyber security training and guidance as necessary.
• High levels of stakeholder liaison both within and outside the CAA, incorporating other regulatory bodies and industry groups.

About You

• We're looking for someone who is passionate about cyber security, aviation, or preferably both. We want someone that can interpret the risk that the use of technology may present to aviation and can understand the threat that is presented to aviation by cyber threat actors.

• We want someone that is willing to take into consideration a range of stakeholders’ views, consider the requirements in the regulations, and then determine an appropriate and proportionate cyber security oversight response.

• You will be a great team player with a flexible, creative and proportionate approach.

• You will possess great interpersonal and presentation skills and have the ability to get your point across in a clear and straightforward manner, both in writing and verbally.

• Previous cyber security experience is not mandatory, but we would like the candidate to possess skills, knowledge and experience either in aviation safety, aviation security, or cyber security.

• You must be able to attain and maintain the required security vetting, currently a UK government Security Check (SC) clearance.

• You will also require a full UK driving licence.

Domestic travel will be required for the role, although it is planned in advance and sufficient notice will be given. We do not mandate that individuals in the team be in the office on any set day, however, there will be a small number of occasions on which your presence in the office is specifically requested.

Our Vision

Our Vision is for an aerospace system that is resilient to cyber threats.

Our Mission is to ensure UK aerospace takes an effective approach in the management of cyber security risks in order to continuously improve safety, security, and resilience outcomes for the aerospace system.

”.

Additional Information

For many appointments within the CAA, these roles require access to operationally sensitive infrastructure and/or Nationally Protected information. For these roles the post holders must undergo National Security Vetting and achieve the appropriate level of clearance.

To be vetted we will usually expect a reasonable period of residency in the UK so that meaningful checks can be undertaken. For this role this will need to be 5 years.

If you do not meet these requirements, we may not be able to accept your application.

For more information on SC clearance please visit - Vetting explained - GOV.UK (www.gov.uk)

The CAA values high ethical standards and personal integrity among employees. If invited for interview you will be asked to complete a declaration of interest.

Relocation & Property
 

The CAA will be relocating from Aviation House (Our Gatwick Office) to new premises in a few years’ time. Our move is driven by strategic, operational and environmental considerations.

We will be moving to a new local home, up to a 15-mile radius of Aviation House, to minimise disruption for our valued colleagues and customers.

We are now working with colleagues and visitors to understand what we need in our new office, before we start our property search. We will sell Aviation House and land, vacate the site and move to new premises, but we do not expect to move before 2028

Inclusive Recruitment

We are passionate about diversity and ensuring all are included at the CAA. We are an equal opportunity employer and actively encourage applications from candidates of all backgrounds.

As a member of the Disability Confident scheme, applicants who meet the minimum criteria for a role with us will be guaranteed an interview. We use fair and inclusive selection approaches to hire the best person for the job based on merit alone. If you require an adjustment for any reason, please let us know.

Working With Us

We are on a journey towards being increasingly adaptable, where our colleagues collaborate as part of cross-functional teams. This approach ensures we never stop learning together. It also means that you may become involved in activities that take you out of your day-to-day role, providing you with opportunities to develop and grow your career with us.
 

We have embraced hybrid working and offer flexible working patterns, being open to having a conversation about what works for you. We know where and when we work is important in achieving a work-life balance.

We offer a range of excellent benefits such as flexible working arrangements, free onsite gym at Gatwick, discounted gym membership for London, 28 days annual leave, additional 5 days leave purchase scheme, a generous pension scheme and much more!

Our Values
 

Do The Right Thing, Never Stop Learning, Build Collaborative Relationships, Respect Everyone – For more information please Click Here
 

Closing Date: Wednesday 2nd April 2025

Interview Date: W/C Monday 7th or 14th April 2025

Please Note: Interviews will be conducted either online by video conference using Microsoft Teams or in person.

We reserve the right to close this vacancy early if we receive sufficient applications for the role. Therefore, if you are interested, please submit your application as early as possible.

No recruitment agencies please.