Description
Cyber Security Risk and Compliance Manager
Full Time
Bristol
Why Rolls-Royce?
An exciting opportunity has arisen for aCyber Security Risk and Compliance Managerto join our Defence Cyber Security Team based in Bristol.
Reporting to the Head of Cyber Security for Rolls-Royce Defence, the role will deliver and evolve active risk management practice and maintain an evergreen compliance capability to meet our customer expectations throughout the world.
At Rolls-Royce, we pioneer the power that matters to our customers, to society and to the planet.
Work with us and we’ll welcome you into an inclusive culture, one that invests in your continuous learning and development, and gives you access to a wide breadth and depth of experience.
We offer excellent development, a competitive salary and remarkable benefits. These include bonus, employee support assistance and employee discounts.
Your needs are as unique as you are. Hybrid working is a way in which our people can balance their time between the office, home or another remote location. It’s a locally managed and flexed informal discretionary arrangement. As a minimum we’re all expected to attend the workplace for collaboration and other specific reasons, on average three days per week.
What you will be doing:
Define methodology for cyber risk management in Defence. Partner with team members, key customers, partner companies and stakeholders to deliver and improve cyber security risk management. Manage coordination and reporting of security 2nd line cyber assurance, KPIs and metrics. Coordinate principle risk management across the Defence businesses, integrating with the overall Defence risk function. Coordinate regulatory cyber compliance management across the Defence function integrating with the overall Defence compliance function and provide independent assurance. Coordinate with external audits to ensure compliance with industry standards and customer satisfaction. Be the point of contact for audit related issues and facilitate timely resolutions for problems highlighted. Work alongside IT and business stakeholders to implement and operate security controls.Who we are looking for?
A current industry certification such as CRISC, CGRC, CISM, CISA. IT or Security associated degree level education or alternative equivalent qualification. Knowledge and experience of global Defence cyber requirements - Cyber Essentials, NIST, DEFARS, CMMC, DEFCONs, NATO. Broad knowledge of risk management principles, tools and techniques. Experience of cyber security audit, compliance practice and risk management A current understanding of cyber security risk and compliance trends and a drive to maintain this. Excellent interpersonal skills as well as both written and verbal communication and presentation skills to influence through persuasion in a formal context.We are an equal opportunities employer. We’re committed to developing a diverse team and an inclusive working environment. We believe that people from different backgrounds and cultures give us different perspectives. And the more perspectives we have, the more successful we’ll be. By building a culture of respect and appreciation, we give everyone who works here the opportunity to realise their full potential.
We welcome applications from people with a refugee background.
You can learn more about our global Inclusion strategy at
This role requires the successful candidate to obtain SC clearance upon appointment and future DV clearance as required.
Closing Date
Friday July 5th 2024
Job Category
Information Technology
Posting Date
28 Jun 2024; 00:06
Posting End Date
05 Jul 2024
The latest news, articles, and resources, sent to your inbox weekly.
Our client, a prominent player in the Defence & Security sector, is currently seeking an Information Assurance Security Manager for a contract role based in Cheltenham. This position entails working closely with cross-functional teams to bolster information security policies, procedures, and controls. Candidates should have a solid grasp of cybersecurity...
Cheltenham
The company:This is a very well thought of North East business who have a rich history of innovation and excellence in the industry. Recently, this business has invested a lot of time and resource into the IT Infrastructure and continues to do so as they embark on an exciting digital...
Newcastle upon Tyne
About the role;As a Cyber Security Consultant, you will provide expert guidance and comprehensive security solutions to TSG’s clients, ensuring their systems are robust against cyber threats. You will conduct risk assessments, perform vulnerability analyses, and offer strategic recommendations to enhance their security posture based on industry-standard frameworks and best...
TSG Newcastle upon Tyne
Manager - Internal AuditWorking hours - Monday to Friday 9am to 5pmHybrid working 2 days office with rest working from home.OVERVIEWAs Internal Audit manager, this role places a critical role in evaluation and improving internal controls, risk management and governance processed within the organisation.Ideally looking from 5 - 10 years'...
Clerkenwell
Description:IT Security is a global function residing within the IT department operating from London and Houston. The IT Security Team Lead will be based in London. The purpose of the IT Security function is to manage cyber risks and issues for EDF Trading globally.Position purposeThe IT Security Team Lead provides...
E1 EDF Trading Ltd London
Job descriptionSite Name:UK - Hertfordshire - StevenagePosted Date:Nov 29 2024Senior Automation Engineer – Permanent roleClosing Date for Applications – 3rd January (COB)DescriptionGSC R&D Engineering Services provides Facilities Management, Engineering and Capital Projects delivery for Technical R&D sites within GSC’s Engineering and EHS organisation. We do this by simplifying decision making...
GSK Stevenage
