IT and Information Security Lead

at  RollsRoyce

EAST GRINSTEAD/HYBRID OR HEYBRIDGE/HYBRID OR BRISTOL/HYBRID (MINIMUM 3 DAYS/WEEK IN THE OFFICE)

An exciting opportunity has arisen for an IT and Information Security Lead to join Rolls-Royce Power Systems (RRPS) at either one of our sites mentioned above.
In this specialist role, you will look after supporting the management of our UK information security program, coordination of the IT operations, and develop and implement operational processes. The focus of the position is the governmental business and the resulting regulatory requirements. It is a technical lead position without direct line management responsibility.
We are looking for someone with a mix IT and Information Security hands-on experience.

WHO WE’RE LOOKING FOR:

At Rolls-Royce we put safety first, do the right thing, keep it simple and make a difference. These principles form the behaviours that guide us and are an essential component of our assessment process. They are the fundamental qualities that we seek for all roles. And for this role, we are looking for someone who is/has:

• A mix of both IT and Information Security hands-on experience – required.
• Several years of professional experience in information security governance, using information security and industry standards.
• Demonstrated, knowledge in the field of information security in a, regulated environment (for example UK DefStan, , NIST SP 800-171, CMMC, Cyber Essentials Plus, ISO 27001 - or similar).
• Experienced working in a regulated industrial environment.
• Professional experience in design and operation of IT infrastructure.
• Extensive knowledge of regulatory and legal requirements in the context of working in a highly regulated environment. Experience of working with MOD – highly desirable.
• Successfully completed studies Information Security, IT, computer science, or a comparable qualification.
• Ideally a certification as ISO 27001 Lead Implementer/Auditor, CISSP, CISM or comparable.

Join us & Make an impact
We are an equal opportunities employer. We’re committed to developing a diverse workforce and an inclusive working environment. We believe that people from different backgrounds and cultures give us different perspectives. And the more perspectives we have, the more successful we’ll be. By building a culture of respect and appreciation, we give everyone who works here the opportunity to realise their full potential.
We welcome applications from people with a refugee background.
You can learn more about our global Inclusion strategy at Our people | Rolls-Royce

WHAT YOU WILL BE DOING:

You will support the management of the information security program with the focus of governmental business. You will be responsible for:

• Development and definition of security concepts, guidelines, procedures and specifications, in accordance with relevant internal and external requirements.
• Alignment and interpretation of requirements of the business departments
• Presentation of the relevant requirements in the context of the governmental business.
• Exchange and coordination with internal and external stakeholders in the context of the governmental business.
• Identification, assessment and management of information and cyber risks, protection needs assessments, and the presentation of key figures and reports.
• Working with auditors and subject matter experts to meet internal and external audit requirements.
• Management and support of IT projects and initiatives.

IT-INFRASTRUCTURE RESPONSIBILITIES:

• Recording, challenging and coordinating the IT infrastructure requirements for regulated information.
• Data centre, network, server/storage, systems management, client, collaboration.
• Development of implementation concepts to realise the requirements, considering the relevant government and RRPS specifications, including the necessary IT systems management environments.
• Coordination and realisation of projects to implement the concepts.
• Development and implementation of operational processes, taking into account the relevant government requirements.
• Ongoing operation of the implemented environment and its further continuous development.
• Close cooperation with the specialist departments, the Governmental IT Team, IT Security and Global IT Infrastructure.

At Rolls-Royce we put safety first, do the right thing, keep it simple and make a difference. These principles form the behaviours that guide us and are an essential component of our assessment process. They are the fundamental qualities that we seek for all roles. And for this role, we are looking for someone who is/has:

• A mix of both IT and Information Security hands-on experience – required.
• Several years of professional experience in information security governance, using information security and industry standards.
• Demonstrated, knowledge in the field of information security in a, regulated environment (for example UK DefStan, , NIST SP 800-171, CMMC, Cyber Essentials Plus, ISO 27001 - or similar).
• Experienced working in a regulated industrial environment.
• Professional experience in design and operation of IT infrastructure.
• Extensive knowledge of regulatory and legal requirements in the context of working in a highly regulated environment. Experience of working with MOD – highly desirable.
• Successfully completed studies Information Security, IT, computer science, or a comparable qualification.
• Ideally a certification as ISO 27001 Lead Implementer/Auditor, CISSP, CISM or comparable