Cyber Security Risk and Compliance Manager

Job Description


Job title: Cyber Security Risk and Compliance Manager

Company: Rolls-Royce

Job description: Cyber Security Risk and Compliance Manager, Full-time, Bristol

An exciting opportunity has arisen for a Cyber Security Risk and Compliance Manager to join our Defence Cyber Security Team based in Bristol.

Reporting to the Head of Cyber Security for Rolls-Royce Defence, the role will deliver and evolve active risk management practice and maintain an evergreen compliance capability to meet our customer expectations throughout the world.

At Rolls-Royce, we pioneer the power that matters to our customers, to society and to the planet.

We deliver the best jet engines in the world. Through intelligent innovation and active collaboration, we’re putting our customers at the forefront of the aviation industry and we keep them there. Our product portfolio powers more than 35 types of commercial aircraft, and with over 13,000 engines in service around the world, we’re keeping the world flying.

Hybrid working is a way in which our people can balance their time between the office, home or another remote location. It’s a locally managed and flexed informal discretionary arrangement. As a minimum we’re all expected to attend the workplace for collaboration and other specific reasons; frequency will depend on business needs, nature of role, what works for the team and for the individual.

What you will be doing:

  • Define methodology for cyber risk management in Defence
  • Partner with team members, key customers, partner companies and stakeholders to deliver and improve cyber security risk management.
  • Manage coordination and reporting of security 2nd line cyber assurance, KPIs and metrics.
  • Coordinate principal risk management across the Defence businesses, integrating with the overall Defence risk function.
  • Coordinate regulatory cyber compliance management across the Defence function integrating with the overall Defence compliance function and provide independent assurance.
  • Coordinate with external audits to ensure compliance with industry standards and customer satisfaction. Be the point of contact for audit related issues and facilitate timely resolutions for problems highlighted.
  • Work alongside IT and business stakeholders to implement and operate security controls

Who we are looking for?

  • A current industry certification such as CRISC, CGRC, CISM, CISA
  • IT or Security associated degree level education or alternative equivalent qualification
  • Knowledge and experience of global Defence cyber requirements – Cyber Essentials, NIST, DFARS, CMMC, DEFCONs, NATO
  • Broad knowledge of risk management principles, tools and techniques.
  • Experience of cyber security audit, compliance practice and risk management
  • A current understanding of cyber security risk and compliance trends and a drive to maintain this.
  • Excellent interpersonal skills as well as both written and verbal communication and presentation skills to influence through persuasion in a formal context.

Join us & Power Our Future

We are an equal opportunities employer. We’re committed to developing a diverse workforce and an inclusive working environment. We believe that people from different backgrounds and cultures give us different perspectives. And the more perspectives we have, the more successful we’ll be. By building a culture of respect and appreciation, we give everyone who works here the opportunity to realise their full potential.

You can learn more about our global Inclusion strategy.

We welcome applications from people with a refugee background.

This role requires the successful candidate to obtain SC clearance upon appointment and future DV clearance as required.

Closing date: April 3rd Midnight

Job Category: Information Technology

Posting Date: 20 Mar 2024; 00:03

Expected salary:

Location: Bristol Area
