Description
Cyber Security Risk and Compliance Manager
Full Time
Bristol
Why Rolls-Royce?
An exciting opportunity has arisen for a Cyber Security Risk and Compliance Manager to join our Defence Cyber Security Team based in Bristol.
Reporting to the Head of Cyber Security for Rolls-Royce Defence, the role will deliver and evolve active risk management practice and maintain an evergreen compliance capability to meet our customer expectations throughout the world.
At Rolls-Royce, we pioneer the power that matters to our customers, to society and to the planet.
Work with us and we’ll welcome you into an inclusive culture, one that invests in your continuous learning and development, and gives you access to a wide breadth and depth of experience.
We offer excellent development, a competitive salary and remarkable benefits. These include bonus, employee support assistance and employee discounts.
Your needs are as unique as you are. Hybrid working is a way in which our people can balance their time between the office, home or another remote location. It’s a locally managed and flexed informal discretionary arrangement. As a minimum we’re all expected to attend the workplace for collaboration and other specific reasons, on average three days per week.
What you will be doing:
1. Define methodology for cyber risk management in Defence.
2. Partner with team members, key customers, partner companies and stakeholders to deliver and improve cyber security risk management.
3. Manage coordination and reporting of security 2nd line cyber assurance, KPIs and metrics.
4. Coordinate principal risk management across the Defence businesses, integrating with the overall Defence risk function.
5. Coordinate regulatory cyber compliance management across the Defence function integrating with the overall Defence compliance function and provide independent assurance.
6. Coordinate with external audits to ensure compliance with industry standards and customer satisfaction. Be the point of contact for audit-related issues and facilitate timely resolutions for problems highlighted.
7. Work alongside IT and business stakeholders to implement and operate security controls.
Who we are looking for?
1. A current industry certification such as CRISC, CGRC, CISM, CISA.
2. IT or Security associated degree level education or alternative equivalent qualification.
3. Knowledge and experience of global Defence cyber requirements - Cyber Essentials, NIST, DFARS, CMMC, DEFCONs, NATO.
4. Broad knowledge of risk management principles, tools and techniques.
5. Experience of cyber security audit, compliance practice and risk management.
6. A current understanding of cyber security risk and compliance trends and a drive to maintain this.
7. Excellent interpersonal skills as well as both written and verbal communication and presentation skills to influence through persuasion in a formal context.
We are an equal opportunities employer. We’re committed to developing a diverse team and an inclusive working environment. We believe that people from different backgrounds and cultures give us different perspectives. And the more perspectives we have, the more successful we’ll be. By building a culture of respect and appreciation, we give everyone who works here the opportunity to realise their full potential.
We welcome applications from people with a refugee background.
You can learn more about our global Inclusion strategy at
This role requires the successful candidate to obtain SC clearance upon appointment and future DV clearance as required.
Closing Date
Friday July 5th 2024
Job Category
Information Technology
Posting Date
28 Jun 2024; 00:06
Posting End Date
05 Jul 2024