Cyber Security Analyst, Cloud

Introduction

Together, we’re working to welcome millions more passengers, while ensuring aviation can continue to be a force for good by leading global efforts in sustainability. At Heathrow, you can be part of this – providing solutions that make every journey better for millions each year. That means ensuring we meet the changing needs of the passengers, colleagues and partners who use our airport to work, travel, trade, shop, eat, explore and connect. Our Solutions team covers project management, process improvement, business change, technology, cyber defence, masterplanning, infrastructure and procurement. It brings together people with the skills to deliver prestigious and often large-scale projects, from transforming terminals to making big reductions in our carbon emissions.

Every day will test your skills and give you the opportunity to make your mark. You might be working with the technology and data that power our city within a city, driving vital commercial agreements with everyone from retailers to airlines, or improving the unique infrastructure that includes everything from 200 buildings to 250 HV substations. It’s a collaborative environment, where you can rely on the support of the experts around you as you take on projects you’ll both take pride in and feel passionate about.

Responsibilities

• Help develop and implement cloud security frameworks, ensuring security best practices are integrated into all aspects of cloud infrastructure and services.
• Ensure appropriate monitoring, detection, and response to security threats and vulnerabilities within cloud environments is embedded from the outset. Conduct risk assessments and security audits to identify areas of improvement and ensure compliance with regulatory requirements.
• Support incident response efforts in cloud environments, including identifying and investigating security incidents and breaches. Provide technical input and support to root cause analysis and recommend corrective actions.
• Automate security controls, monitoring, and response processes to improve operational efficiency and reduce risk in cloud environments.
• Work closely with development teams, DevOps, and other stakeholders to implement security controls in cloud infrastructure. Provide clear and concise communication to both technical and non-technical stakeholders regarding security risks, incidents, and resolutions.
• Ensure adherence to regulatory requirements and industry standards within cloud environments. Assist with audits and ensure security governance is in place.
• Stay up-to-date with emerging cloud security trends and vulnerabilities. Continuously evaluate and enhance security practices to keep up with evolving cloud technologies and threats.

Qualifications – Essential

• Strong hands‑on technical experience in cloud security engineering, with a proven track record of securing cloud environments.
• Solid experience with cloud architecture, security protocols, and secure cloud configurations.
• Proven track record of providing cyber security guidance on cloud application design, implementation, and ongoing management.
• Experience ensuring compliance with industry standards and regulations related to cloud security (e.g., NIST, ISO 27001, PCI‑DSS, GDPR).
• Experience working with cross‑functional teams and collaborating with development engineers, cyber security specialists, and other internal stakeholders.
• Deep knowledge of cloud platforms and services (Azure, Google Cloud).
• Experience with security cloud platforms including Salesforce.
• Expertise in cloud security tools and technologies (e.g., Shield, Azure Security, SCCP, Wiz, Guard).
• Strong understanding of web application and cloud firewalls, encryption, identity and API security.
• Experience with automation tools (e.g., Terraform, Ansible, CloudFormation) for securing cloud infrastructure.

Qualifications – Ideal

• Experience with network security in cloud environments (e.g., AWS, Azure) and hybrid network configurations.
• Experience with DevSecOps practices, secure coding, and cloud‑native application security.
• Familiarity with containerisation technologies (e.g., Docker, Kubernetes) and their security implications.

Rewards

We offer competitive salaries and excellent benefits that will support you now and in the future. As well as performance‑based annual bonuses and our longer‑term Share in Success Bonus plans, we also offer generous annual leave allowances and market‑leading pensions. With family‑friendly policies, access to private health insurance and a wide range of wellbeing tools, we’ll support you to be at your best inside and outside work. And of course, we’ll provide varied learning and development opportunities too.

Working Location

Our hybrid working approach offers the opportunity for colleagues in some roles to work from home for an average of two days a week, providing the flexibility to work in an agile way whilst ensuring we deliver for the operational needs of Heathrow. Working arrangements vary from team to team and will be confirmed during the recruitment process. You’ll need to be based in the UK and within a commutable distance to Heathrow.

Equal Opportunities

As an equal opportunities employer, we encourage applications from all. We believe that diverse talent makes us stronger – not least because we welcome passengers from all corners of the globe, every single day. Heathrow is an accessible place to work. With five diversity networks, we champion inclusivity and celebrate individuality.