Find a job 
Featured Companies 
Featured Universities 
For Companies At a Glance
- Tasks: Embed security practices in software development and ensure secure coding from the start.
- Company: Heathrow, a leader in aviation with a commitment to security and innovation.
- Benefits: Hybrid working, competitive salary, and opportunities for professional growth.
- Why this job: Join a dynamic team and make a real impact on secure software development.
- Qualifications: 3+ years in Cyber Security or DevSecOps with strong collaboration skills.
- Other info: Diverse and inclusive workplace with excellent career advancement opportunities.
The predicted salary is between 36000 - 60000 £ per year.
The Cyber Security Analyst – Secure Development is responsible for embedding secure-by-design and security-by-default principles across Heathrow’s entire software development lifecycle (SDLC). Working as part of the Cyber Security Team and reporting to the Lead Architect, Cyber Applications & AI, the role provides expert security advisory, assessment and automation capabilities to ensure security is built into code and development processes from inception rather than treated as a follow-on activity. The role plays a key part in fostering a collaborative DevSecOps culture, enabling development teams to deliver high-quality, secure software while maintaining pace and innovation in a complex, safety- and security-critical environment.
Responsibilities
- Secure Development & SDLC Integration: Embed secure development practices across all stages of the SDLC, from design and build through to deployment and maintenance. Ensure security requirements, patterns and controls are incorporated early into application and platform design. Promote and enable secure-by-design and security-by-default principles across the development community.
- Advisory & Assessment: Provide hands-on security advisory support to software engineering teams, architects and product owners. Conduct security design reviews, code assessments and threat modelling activities. Assess development pipelines, tooling and environments to identify security weaknesses and improvement opportunities.
- Monitoring & Detection: Monitor development environments, repositories and pipelines for poor security practices, exposed secrets, credentials and misconfigurations. Support the identification, triage and remediation of security findings in collaboration with development teams.
- Security Automation & Tooling: Design, implement and maintain automated security checks within CI/CD pipelines, including static, dynamic and dependency scanning. Enable consistent and scalable security controls through automation, reducing manual overhead and improving developer experience. Work with platform and tooling teams to integrate security capabilities into development ecosystems.
- Collaboration & Culture: Foster a collaborative, trust-based relationship between the Cyber Security team and the development community. Act as a security champion, influencing ways of working and promoting security awareness and ownership within engineering teams. Build strong working relationships with internal and external colleagues, partners and suppliers.
- Continuous Improvement: Stay current with emerging threats, secure coding techniques and DevSecOps best practices. Contribute to the evolution of secure development standards, patterns and guidance. Support continuous improvement of Heathrow’s application security maturity.
Qualifications
- Experience: Minimum 3 years’ relevant technical experience in Cyber Security, application security, secure development or DevSecOps. Practical experience working within software development environments and modern SDLC practices. Proven experience working collaboratively within multi-disciplinary teams.
- Essential Skills: Strong understanding of application security principles and common vulnerabilities (e.g., OWASP Top 10). Experience embedding security into SDLC and CI/CD pipelines. Ability to assess code, architectures and development practices from a security perspective. Familiarity with security tooling such as SAST, DAST, dependency scanning and secrets detection. Strong stakeholder engagement and relationship-building skills. Ability to communicate security concepts clearly and pragmatically to technical and non-technical audiences. Collaborative mindset with a focus on enablement rather than control.
Working Location: Our Hybrid working approach offers the opportunity for colleagues in some roles to work from home for an average of two days a week, providing the flexibility to work in an agile way whilst ensuring we deliver for the operational needs of Heathrow. Working arrangements vary from team to team and will be confirmed during the recruitment process. You will need to be based in the UK and within a commutable distance to Heathrow.
Equal Opportunities: As an equal opportunities employer, we encourage applications from all. We believe that diverse talent makes us stronger – not least because we welcome passengers from all corners of the globe, every single day. Heathrow is an accessible place to work. With five diversity networks, we champion inclusivity and celebrate individuality.
Cyber Security Analyst, DevSecOps in Hounslow employer: Heathrow Airport
Contact Detail:
Heathrow Airport Recruiting Team
StudySmarter Expert Advice 🤫
We think this is how you could land Cyber Security Analyst, DevSecOps in Hounslow
✨Tip Number 1
Network like a pro! Get out there and connect with folks in the Cyber Security and DevSecOps space. Attend meetups, webinars, or even just chat with people on LinkedIn. You never know who might have the inside scoop on job openings!
✨Tip Number 2
Show off your skills! Create a portfolio that highlights your experience with secure development practices and any cool projects you've worked on. This is your chance to demonstrate how you can embed security into the SDLC and CI/CD pipelines.
✨Tip Number 3
Prepare for interviews by brushing up on your knowledge of application security principles and common vulnerabilities. Be ready to discuss how you've tackled security challenges in past roles and how you can contribute to fostering a collaborative DevSecOps culture.
✨Tip Number 4
Don't forget to apply through our website! We love seeing candidates who are genuinely interested in joining our team. Tailor your application to highlight your relevant experience and how you can help us improve Heathrow’s application security maturity.
We think you need these skills to ace Cyber Security Analyst, DevSecOps in Hounslow
Some tips for your application 🫡
Tailor Your CV: Make sure your CV speaks directly to the Cyber Security Analyst role. Highlight your experience with secure development practices and any relevant tools you've used. We want to see how your skills align with our needs!
Craft a Compelling Cover Letter: Your cover letter is your chance to shine! Use it to explain why you're passionate about embedding security in the SDLC and how you can contribute to fostering a DevSecOps culture at Heathrow. Let us know what makes you tick!
Showcase Your Collaboration Skills: Since this role involves working closely with various teams, make sure to highlight your collaborative experiences. Share examples of how you've built relationships and influenced security practices in past roles. We love a team player!
Apply Through Our Website: Don't forget to apply through our website! It’s the best way for us to receive your application and ensures you’re considered for the role. Plus, it’s super easy – just follow the prompts and let us see your amazing skills!
How to prepare for a job interview at Heathrow Airport
✨Know Your SDLC Inside Out
Make sure you’re well-versed in the software development lifecycle (SDLC) and how security fits into each stage. Be ready to discuss specific examples of how you've embedded secure practices in past projects, as this will show your practical experience.
✨Brush Up on Security Principles
Familiarise yourself with key application security principles and common vulnerabilities, especially the OWASP Top 10. Prepare to explain how you would assess code and architectures for security weaknesses, as this is crucial for the role.
✨Showcase Your Collaboration Skills
Since this role involves working closely with development teams, be prepared to share examples of how you've fostered collaboration in previous roles. Highlight any experiences where you acted as a security champion or influenced ways of working positively.
✨Stay Current with Trends
Keep up-to-date with the latest trends in cyber security and DevSecOps best practices. During the interview, mention any recent developments or tools you've explored that could enhance security automation and tooling in a CI/CD pipeline.
