Cyber Security Engineer

The Cybersecurity team, within the LLA IT department, is responsible for information and cyber security at London Luton Airport. Responsibilities include information and cybersecurity risk management and ensuring compliance to CAA, NIS and ISO27001 standards. The team also works closely with our majority shareholder, Aena, and with airport partners, such as retailers, ground handlers and airlines, as well as LLA’s suppliers, to ensure a joined-up approach to information and cyber security.

We are seeking a highly skilled and motivated IT Cyber Security Engineer, with a passion for protecting digital assets against cyber threats, to join our dynamic team. The successful candidate will have a strong technical background and a thorough understanding of IT systems, which is essential for effectively securing our infrastructure, systems, and networks. Expertise in information security, risk management and compliance are essential, as is a commitment to defending LLA against cyber threats and integrating security across all layers of our IT environment to protect organizational data and technology.

This role focuses on detecting, investigating, and responding to cybersecurity threats and incidents, while also managing BAU security tasks, ongoing maintenance, supporting projects, and assisting with regulatory compliance to encourage continual enhancement of our IT security environment.

• Endpoint monitoring and analysis.
• Malware analysis and forensics research.
• Understanding/ differentiation of intrusion attempts and false positives.
• Lead investigations into security breaches, incidents, or suspicious activities and provide incident reports to stakeholders.
• Enforce security policies, procedures, and guidelines for all IT systems and operations.
• Provide recommendations for improving security practices to meet evolving regulatory and organizational needs.
• Vulnerability identification & mitigation / remediation.
• Advise incident responders & other teams on cybersecurity threats.
• Triage security events and incidents and apply containment and mitigation/remediation strategies.
• Collaborate with other IT teams to ensure seamless security integration with infrastructure, applications, and services.
• Maintain comprehensive documentation related to security configurations, incident reports, audits, and compliance activities.
• Proactively monitor the performance of systems and make regular routine inspections of installed equipment and take corrective avoidance actions to prevent wider problems.
• Function as the point of escalation for the Service Desk for security related tickets.
• Analysis of weekly vulnerability scans and update relevant records.
• Incident readiness and handling as part of the Computer Security Incident Response team (CSIRT).
• Monitor and analyse security logs from various systems (including SIEM) and network devices to identify potential threats and vulnerabilities.

• Essential: Bachelor’s degree in computer science, Information Technology, Cyber Security, or a related field.
• 5+ years of experience in cybersecurity, with a strong understanding of network protocols and security tools.
• A well organised and structured approach to work planning, time allocation to tasks, and a flexible approach to daily routines to deliver the desired results.
• An ambition to constantly learn new skills and develop knowledge, with an understanding that study time outside of working hours may be required for career development.
• Credible knowledge/experience of Microsoft Windows operating systems, Active Directory, Exchange Server, Group policies, TCP/IP, DNS, DHCP and MS Azure/EntraID.
• Capable of effectively multi-tasking, prioritising work, and managing competing interests.
• Capable of analysing information technology logs and events sources preferred.
• Working knowledge of data storage systems, data backup and restoration methods.
• Understanding of cybersecurity tooling, its purpose and functionality (Anti-Malware, IDS/IPS, Web and Email Gateways, security analysis tools, web security tools, next generation firewalls/UTMs).
• A collaborator with excellent work ethic, communication skills and a professional who maintains customer-service based approach.
• Ability to work independently while managing support to a high standard.
• Strong problem-solving and analytical skills, with the ability to work under pressure.
• Contribute credibly to IT department’s delivery of SLAs and other support targets.
• Ability to analyse vulnerabilities, threats, designs, architectures, procedures, and ability to produce reports and communicate security intelligence.
• Advanced knowledge of computer forensics; legal, government and jurisprudence as they relate to cybersecurity.
• Knowledge of Cloud computing, computer network defence, identity management, privileged access management, incident management and network security.
• Extensive experience within a NOC/SOC environment.

• IT certifications such as CompTIA A+, Network+ • Cyber certifications such as CISM, CISA, CEH, or CompTIA Security+.
• Understanding of regulatory frameworks and industry standards (e.g., NIS, NIST, ISO 27001, GDPR).
• Experience in scripting or programming languages including PowerShell for automating security tasks.

• Communication: Structures and conveys information and ideas effectively. Communicates to ensure they are understood by others, that they understand others and share information with colleagues at all levels.
• Customer Focus: Understands what the customer needs and then works to exceed their expectations and meeting their individual needs.
• Achieving results: Knows what needs to be achieved by when. Anticipates obstacles. Motivates self and others to overcome barriers and achieve results.
• Personal Responsibility & Credibility: Take personal responsibility for making things happen and achieving results, working with their line manager. Displays commitment, accountability and conscientiousness. Acts with integrity.
• Planning & organising: Identifies a goal and puts in place a sequence of steps to ensure priorities are delivered on time, making effective use of resources.
• Team Focus: Develops effective working relationships inside and outside traditional boundaries to achieve organisational goals. Breaks down barriers between groups and involves others in discussions and decisions.

You will be required to pass a range of referencing and vetting checks, including a Criminal Record Check and a Counter Terrorism Check (CTC). You must also have lived in the UK for at least 3 years with a 5-year work history, unless in education.

This job description is intended to give an appreciation of the role and the range of duties and responsibilities to be undertaken. It does not attempt to detail every activity. Specific task and objectives will be agreed on an on-going basis. The post holder will be required at all times to perform any other reasonable tasks, as requested by the Line Manager in order to meet the operational needs of the business.

For any further information, please contact the Human Resources department at askhr@ltn.aero.

London Luton Airport Operations Ltd collects your personal information when you submit your application. For more details about the personal information LLA collects, how we collect it, why we need it, what we do with it, how long we keep it and what your rights are, please see our privacy notice at https://www.london-luton.co.uk/privacy-notice.

LLA is committed to fostering, promoting and preserving a culture of diversity, equality and inclusion, as we carry out our mission. We will always be respectful and seek to learn from those different from ourselves. We strive to be an equal opportunities employer and we are determined to ensure that no applicant or employee has a negative experience for being who they are. We welcome all applications.