Aviation Cyber Security Lead
Fox-IT
Posted on May 29, 2026
Role: Cyber Security Aviation Lead (Global Transport)
Locations: Cheltenham, Manchester or London - Hybrid/Global Remit
We are seeking a highly skilled Cyber Security Aviation Lead to join our Global Transport Practice. This role will serve as the subject-matter expert (SME) for aviation cyber security, covering operational technology (OT), safety-critical aviation systems, and regulatory standards across the global aviation ecosystem.
Locations: Cheltenham, Manchester or London - Hybrid/Global Remit
We are seeking a highly skilled Cyber Security Aviation Lead to join our Global Transport Practice. This role will serve as the subject-matter expert (SME) for aviation cyber security, covering operational technology (OT), safety-critical aviation systems, and regulatory standards across the global aviation ecosystem.
You will play a pivotal role in shaping NCC Group’s aviation offerings, supporting delivery, mentoring colleagues, engaging clients, and driving growth in the aviation market. While aviation is the primary focus, the role also offers opportunities to work across rail, maritime, and automotive with full support from the wider transport team.
This is a client-facing, collaborative, and technically hands-on role suited to someone with solid aviation cyber experience who can also support business development activities.
- Department
- Cyber Services and Capabilities
- Employment Type
- Full Time
- Location
- GBR London
- Workplace type
- Hybrid
- Reporting To
- Gary Cannon
Key Responsibilities
Aviation Cyber Security Leadership
Act as the global aviation cyber security SME, providing expert knowledge of:
Act as the global aviation cyber security SME, providing expert knowledge of:
- Part-IS and other aviation-specific security frameworks
- ISA/IEC 62443 requirements and application to aviation OT
- Penetration testing techniques relevant to OT and aviation systems
- Avionics, airport infrastructure, ground systems, airline operational technologies
- Lead and oversee cyber engagements within the aviation ecosystem, including:
- Airports, ANSPs, MNO, airlines, OEMs, ground handling, avionics suppliers
- Safety-critical OT networks and mission-critical control systems
Technical Delivery
Perform and/or lead:
Perform and/or lead:
- OT penetration testing
- Threat modelling and risk assessments
- Security architecture review for aviation technologies
- Compliance assessments and gap analyses (Part-IS, 62443, NIS2 where applicable)
- Oversee technical quality, ensuring best-in-class delivery to clients.
Business Development & Practice Growth
- Support the creation and refinement of NCC Group’s aviation services and propositions.
Work with business development teams to:
- Identify opportunities
- Create proposals
- Participate in client meetings and presentations
- Represent NCC Group at aviation cyber conferences, industry forums, and working groups.
Collaboration & Cross-Transport Support
- Operate as part of the wider Global Transport Practice, contributing to multi-modal cyber projects.
When required (and with team support), step into cyber roles in:
- Rail
- Maritime
- Automotive
- Work closely with colleagues across geographies to develop integrated cyber security solutions.
Knowledge Sharing & Mentoring
- Coach and mentor internal consultants on aviation cyber security concepts, systems, and regulations.
- Develop internal guidance, training materials, and workbooks/playbooks.
- Promote a collaborative, high-performance culture.
Client Engagement
- Act as a trusted advisor to stakeholders at all levels.
- Ensure exceptional client experience through clear communication, professionalism, and delivery excellence.
- Build long-term relationships with global aviation customers.
Skills, Knowledge and Expertise
Essential Experience & Skills
Proven experience in the aviation ecosystem, such as working with:
Proven experience in the aviation ecosystem, such as working with:
- Airports
- Airlines
- OEMs
- Avionics manufacturers
- ANSPs
Strong understanding of aviation operational technologies and safety-critical systems.
Knowledge of:
- Part-IS
- ISA/IEC 62443
- OT networks, architectures, and protocols
- Security risk assessment in safety-critical environments
Hands-on cyber security experience, such as:
- Penetration testing (OT preferred)
- Threat modelling
- Incident response
- Architecture review
- Comfortable providing client-facing advisory services.
- Experience working in or with regulated environments.
- Ability to simplify complex cyber concepts for diverse audiences.
Desirable Skills
- Certifications (one or more): GICSP, CISSP, CISM, CRT/OSCP, CISA, CCSFP, 62443 certificates, CREST
- Background in engineering, avionics, or airport operations.
- Experience with NIS/NIS2, EASA, FAA, ICAO cyber requirements.
- Experience contributing to sales or pre-sales cycles.
Benefits
What do we offer in return?
We have a high-performance culture which is balanced evenly with world-class well-being initiatives and benefits:
- Flexible Working: Balance your work and personal life with our flexible working options.
- Generous Holiday Allowance: Enjoy 25 days of holiday, plus bank holidays, with the option to buy up to 5 additional days of annual leave.
- Medicash & Critical Illness Scheme
- Financial & Investment Benefits: Enjoy peace of mind with our Pension, Life Assurance, and Share Save Scheme.
- Community & Volunteering Programmes: Make a difference in your community with our volunteering opportunities.
- Green Car Scheme: Drive green and save money with our eco-friendly car scheme.
- Cycle Scheme: Stay fit and healthy with our cycle-to-work scheme.
- Special Time Off: Take time off for those big moments in life, like getting married/entering into a civil partnership, becoming a grandparent, and welcoming home a new pet.
- Family Planning: Benefit from our generous maternity and paternity leave, as well as time off and support for those undergoing fertility treatments.
About NCC Group
We assess, develop and manage cyber threats across our increasingly connected society. We advise global technology, manufacturers, financial institutions, critical national infrastructure providers, retailers and governments on the best way to keep businesses, software and personal data safe.
With our knowledge, experience and global footprint, we are best placed to help businesses identify, assess, mitigate & respond to the risks they face.
We are passionate about making the Internet safer and revolutionising the way in which organisations think about cyber security.
Headquartered in Manchester, UK, with over 35 offices across the world, NCC Group employs more than 2,000 people and is a trusted advisor to 15,000 clients worldwide.
With our knowledge, experience and global footprint, we are best placed to help businesses identify, assess, mitigate & respond to the risks they face.
We are passionate about making the Internet safer and revolutionising the way in which organisations think about cyber security.
Headquartered in Manchester, UK, with over 35 offices across the world, NCC Group employs more than 2,000 people and is a trusted advisor to 15,000 clients worldwide.
We review every application received and will get in touch if your skills and experience match what we’re looking for. If you don’t hear back from us within 10 days, please don’t be too disappointed – we may keep your CV on our database for any future vacancies and we would encourage you to keep an eye on our career opportunities as there may be other suitable roles.
If you do not want us to retain your details, you can utilise the Manage Your Data tool provided by Pinpoint or contact us directly at: global.ta@nccgroup.com. All personal data is held in accordance with the NCC Group Privacy Notice.
We are committed to diversity and flexibility in the workplace. If you require any reasonable adjustments to support you during the application process, please tell us at any stage.
Please note that this role involves mandatory pre-employment background checks due to the nature of the work NCC Group does. To apply, you must be willing and able to undergo the vetting process.
If you do not want us to retain your details, you can utilise the Manage Your Data tool provided by Pinpoint or contact us directly at: global.ta@nccgroup.com. All personal data is held in accordance with the NCC Group Privacy Notice.
We are committed to diversity and flexibility in the workplace. If you require any reasonable adjustments to support you during the application process, please tell us at any stage.
Please note that this role involves mandatory pre-employment background checks due to the nature of the work NCC Group does. To apply, you must be willing and able to undergo the vetting process.
Not quite right? Register your interest to be notified of any roles that come along that meet your criteria.
