Job Description
IT and Information Security Lead
Full Time
East Grinstead/Hybrid or Heybridge/Hybrid or Bristol/Hybrid (minimum 3 days/week in the office)
An exciting opportunity has arisen for an IT and Information Security Lead to join Rolls-Royce Power Systems (RRPS) at either one of our sites mentioned above.
In this specialist role, you will look after supporting the management of our UK information security program, coordination of the IT operations, and develop and implement operational processes. The focus of the position is the governmental business and the resulting regulatory requirements. It is a technical lead position without direct line management responsibility.
We are looking for someone with a mix of IT and Information Security hands-on experience.
Why Rolls-Royce?
Rolls-Royce is one of the most enduring and iconic brands in the world and has been at the forefront of innovation for over a century. We design, build and service systems that provide critical power to customers where safety and reliability are paramount.
We are proud to be a force for progress, powering, protecting and connecting people everywhere.
We want to ensure that the excellence and ingenuity that has shaped our history continues into our future and we need people like you to come and join us on this journey.
This multifaceted role is a great opportunity for someone, who would like to use the acquired IT and Information Security expertise and help to shape the future of the local IT infrastructure and information security at a busy, world-class engineering organisation.
What We Offer
We offer excellent development opportunities, a competitive salary, and exceptional benefits. These include bonus, employee support assistance and employee discounts.
Your needs are as unique as you are. Hybrid working is a way in which our people can balance their time between the office, home, or another remote location. It’s a locally managed and flexed informal discretionary arrangement. As a minimum we’re all expected to attend the workplace for collaboration and other specific reasons, on average three days per week.
What You Will Be Doing
You will support the management of the information security program with the focus of governmental business. You will be responsible for:
1. Development and definition of security concepts, guidelines, procedures and specifications, in accordance with relevant internal and external requirements.
2. Alignment and interpretation of requirements of the business departments.
3. Presentation of the relevant requirements in the context of the governmental business.
4. Exchange and coordination with internal and external stakeholders in the context of the governmental business.
5. Identification, assessment and management of information and cyber risks, protection needs assessments, and the presentation of key figures and reports.
6. Working with auditors and subject matter experts to meet internal and external audit requirements.
7. Management and support of IT projects and initiatives.
IT-Infrastructure Responsibilities
1. Recording, challenging and coordinating the IT infrastructure requirements for regulated information.
2. Data centre, network, server/storage, systems management, client, collaboration.
3. Development of implementation concepts to realise the requirements, considering the relevant government and RRPS specifications, including the necessary IT systems management environments.
4. Coordination and realisation of projects to implement the concepts.
5. Development and implementation of operational processes, taking into account the relevant government requirements.
6. Ongoing operation of the implemented environment and its further continuous development.
7. Close cooperation with the specialist departments, the Governmental IT Team, IT Security and Global IT Infrastructure.
Who We’re Looking For
At Rolls-Royce we put safety first, do the right thing, keep it simple and make a difference. These principles form the behaviours that guide us and are an essential component of our assessment process. They are the fundamental qualities that we seek for all roles. And for this role, we are looking for someone who is/has:
1. A mix of both IT and Information Security hands-on experience – required.
2. Several years of professional experience in information security governance, using information security and industry standards.
3. Demonstrated knowledge in the field of information security in a regulated environment (for example UK DefStan, NIST SP 800-171, CMMC, Cyber Essentials Plus, ISO 27001 - or similar).
4. Experienced working in a regulated industrial environment.
5. Professional experience in design and operation of IT infrastructure.
6. Extensive knowledge of regulatory and legal requirements in the context of working in a highly regulated environment. Experience of working with MOD – highly desirable.
7. Successfully completed studies in Information Security, IT, computer science, or a comparable qualification.
8. Ideally a certification as ISO 27001 Lead Implementer/Auditor, CISSP, CISM or comparable.
Join us & Make an impact
We are an equal opportunities employer. We’re committed to developing a diverse workforce and an inclusive working environment. We believe that people from different backgrounds and cultures give us different perspectives. And the more perspectives we have, the more successful we’ll be. By building a culture of respect and appreciation, we give everyone who works here the opportunity to realise their full potential.
We welcome applications from people with a refugee background.
Job Category
Information Technology
Posting Date
12 Nov 2024; 00:11
Posting End Date
01 Dec 2024
#J-18808-Ljbffr