Security Manager

Job Description

Location: Malta (AOC Head Office)

Department: Flight Operations / Compliance & Safety

Reports to: Accountable Manager (dotted line to Compliance Monitoring)

Contract: Full-time, on-site with 24/7 on-call rotation

Role purpose

The Security Manager (AVSEC) is responsible for establishing, maintaining, and continually improving the air carrier’s security programme and culture to protect people, aircraft, facilities, information, and cargo. The role ensures compliance with Malta’s Appropriate Authority (AVSEC Malta) and EU common basic standards, integrating AVSEC with the company’s SMS and operations.  

Key responsibilities

  • Air Carrier Security Programme (ACSP). Develop, own, and keep current the ACSP and related manuals/procedures; ensure they meet Malta’s Civil Aviation (Security) Regulations and EU Implementing Regulation (EU) 2015/1998 (and amendments). Submit updates and coordinate approvals with AVSEC Malta.  
  • Regulatory liaison. Act as primary point of contact with AVSEC Malta and other competent authorities; ensure timely reporting, audits, and corrective actions (including quality control of security measures).  
  • Threat & risk management. Maintain an intelligence-led security risk register; conduct station and route risk assessments; define security levels and special measures (e.g., HRCM, inflight security procedures) as applicable under the EU framework.  
  • Aircraft & airport operations security. Define and oversee aircraft protection, security searches/checks, access control to critical parts/sterile areas, and coordination with airport operators and handlers.  
  • Cargo, mail & supplies security (as applicable). Ensure regulated agent/known consignor interfaces, HRCM processes, and—where relevant—ACC3/RA3/KC3 validations and ongoing compliance monitoring for third-country inbound cargo operations.  
  • Staff vetting & access control. Ensure recruitment procedures include required pre-employment/background checks per Chapter 11; manage re-checks and card issuance controls in line with EU rules and national practice.  
  • Training & security culture. Build and maintain the AVSEC training programme (initial/recurrent) for all categories, aligned with Chapter 11 training requirements; measure effectiveness and drive security culture initiatives.  
  • Incident response & reporting. Lead response to security incidents (on the ground and in flight), conduct investigations, coordinate with authorities, and deliver lessons learned and preventive actions.
  • Quality assurance. Plan and execute AVSEC audits, tests, and inspections; track findings and corrective/preventive actions; report KPIs to the Accountable Manager and Safety Review Board.
  • Supplier & station oversight. Approve and monitor third-party providers (ramp, catering, cleaning, cargo, security contractors) against ACSP and EU requirements; ensure robust change management when opening stations or launching new routes.
  • Information security coordination. Work with Compliance/IT to align physical AVSEC with the organisation’s Information Security Management System and emerging EASA Part-IS obligations, integrating with SMS where applicable.  

Qualifications & experience

  • Proven AVSEC leadership in an EU air carrier/airport/regulated agent (typically 5–8+ years), including programme ownership and authority liaison.
  • Deep knowledge of EU aviation security law: Regulation (EC) 300/2008 and Commission Implementing Regulation (EU) 2015/1998 (incl. cargo/ACC3, training, staff vetting, aircraft/airport measures).  
  • Familiarity with Malta’s AVSEC Malta requirements and approval processes for air carriers.  
  • Experience building and delivering AVSEC training (Chapter 11 categories) and running QC/QA programmes.  
  • Strong incident management, investigation, and stakeholder skills (airport authorities, ground handlers, law enforcement).
  • Desirable: exposure to ACC3/RA3/KC3 frameworks and validations; integration of information security/cyber with safety per EASA Part-IS.  
  • Languages: Excellent English; Maltese is an advantage.

Certifications (preferred)

  • ICAO/IATA/ECAC AVSEC professional certifications (e.g., IATA AVSEC PM, ECAC training).
  • Recognised auditing/lead auditor credential (ISO 19011/9001 or similar).
  • Information security credentials (e.g., ISO/IEC 27001 lead implementer/auditor) are a plus where Part-IS scope applies.  

Background, screening & eligibility

  • Must be eligible to obtain/retain EU-compliant background clearance for unescorted access and crew/airport ID issuance (criminal record, employment/education history verification, and periodic re-checks per Chapter 11).  

Key performance indicators

  • Regulator findings closed on time; zero repeat findings.
  • Training compliance >99% on-time; positive culture survey trends.
  • On-time ACSP revisions/approvals and station change management.
  • Audit coverage vs. plan; CAPA effectiveness.
  • Incident response timeliness and recurrence reduction.

Why join us

Play a pivotal role in safeguarding our passengers, crews, and operations as we scale our Malta-based AOC, working cross-functionally with Ops, Safety, Ground Handling, and IT to keep security effective, simple, and audit-ready.