Rolls-Royce
Cyber Security
Information Assurance Specialist
Neural analysis suggests this role is
optimal for Mid+ candidates.
“Information Assurance Specialist at Rolls-Royce. Skills: Information Assurance, Cyber Security, Risk Management, Compliance. Support the development and continual improvement of Information Security policies, standards, and procedures in line with ISO/IEC 27000, promoting a secure‑by‑design culture informed by business impact assessments, risk appetite, and regulatory requirements. Serve as the Cyber Security representative on major programmes and product teams, providing authoritative guidance”
What You'll Achieve.
- Promoting a secure‑by‑design culture.
- Ensuring security requirements and secure‑by‑design principles are embedded from concept through delivery.
- Strengthen secure‑by‑design engineering and decision‑making.
- Ensuring the confidentiality, integrity and availability of business systems.
Industry & Context.
Pragmatic, risk-based approach to standards implementation.
Candidates in certain locations may be asked to complete an online assessment, which can include cognitive and behavioural aptitude testing relevant to the role.
What They're Looking For.
Must Have
- Overall understanding of information systems, their applications and lifecycle practices, with solid grounding in information security principles and governance.
- Proven ability to interpret and apply IT security compliance requirements while maintaining a pragmatic, risk-based approach to standards implementation.
- Effective communicator with the ability to influence stakeholders and build consensus in formal and cross-functional environments.
- Broad knowledge of cyber and information security, supported by relevant professional qualifications (e.g., CISSP, CISM, ISO 27001 Lead Implementer/Lead Auditor).
- Experience or awareness of enterprise cloud technologies, architectures and capabilities (e.g., Azure, AWS, GCP).
- Demonstrated willingness to learn and champion broader compliance domains, including Product Safety, Data Privacy, Export Control and other regulatory frameworks.
- Awareness or experience of Artificial Intelligence technologies (e.g., Large Language Models, Machine Learning) or engineering disciplines is beneficial but not essential.
- Understanding of Operational Technology (OT) environments and the unique security considerations associated with industrial control systems.
- Experience with Governance, Risk and Compliance (GRC) tooling (e.g., Zen, Archer, ServiceNow GRC, OneTrust, MetricStream), including managing risk registers, control frameworks, and compliance workflows at scale.
Nice to Have
- Degree or master’s qualification in Information Security, Cyber Security, or a related discipline (or equivalent experience).
- Industry‑recognised professional certifications such as CISSP, CISM, ISO 27001 Lead Implementer/Lead Auditor (or equivalent).
- Cloud security or architecture certifications for Microsoft Azure or other major cloud platforms (e.g., AWS, GCP).
What You'll Do.
- Support the development and continual improvement of Information Security policies, standards, and procedures in line with ISO/IEC 27000, promoting a secure‑by‑design culture informed by business impact assessments, risk appetite, and regulatory requirements.
- Serve as the Cyber Security representative on major programmes and product teams, providing authoritative guidance and approvals to ensure secure design, build and operation across IT, OT and AI‑enabled systems.
- Represent Cyber Security across strategic initiatives—including research collaborations, joint ventures, and supply‑chain engagements—ensuring security requirements and secure‑by‑design principles are embedded from concept through delivery.
- Assess organisational and technical compliance with security policies and standards, conduct configuration and architecture reviews, and evaluate adherence to legal, regulatory and industry obligations.
- Provide expert advice on the selection, and assurance of security controls, ensuring alignment with NIS2, export controls and emerging AI regulatory expectations.
- Advise stakeholders on risk reduction strategies, promote secure behaviours and support security awareness initiatives to strengthen secure‑by‑design engineering and decision‑making.
- Assess and manage cyber security risks and concessions, ensuring decisions are guided by business impact assessments and integrated into enterprise risk and operational safety processes.
- Contribute to broader cyber security initiatives and capability uplifts, including OT security maturity, supply‑chain resilience and secure development lifecycle improvements.
- Apply and oversee security controls required by policy, and regulatory drivers, ensuring the confidentiality, integrity and availability of business systems, connected manufacturing platforms and AI‑supported operational systems.
How You'll Work.
Team & Collaboration
- Work with other IA specialists to ensure a common approach to cyber security issues is developed and documented.
- Serve as the Cyber Security representative on major programmes and product teams.
- Represent Cyber Security across strategic initiatives—including research collaborations, joint ventures, and supply‑chain engagements.
- Build consensus in formal and cross‑functional environments.
Communication Scope
Effective communicator; Ability to influence stakeholders; Ability to build consensus
Full Job Description
## **Job Description**

**Information Assurance Specialist**

**Derby-3 Days per week**

**Full time**

**Why join Rolls-Royce?**

At Rolls-Royce we are proud to be a business that has truly helped to shape the modern world and are committed to always being a force for progress; powering, protecting, and connecting people everywhere. By joining Rolls-Royce, you'll have the opportunity to work on world-class solutions, supported by a culture that believes individuality is our greatest strength, and all perspectives, experiences and backgrounds help us innovate and enable our high-performance culture.

**Position Summary**

We have an excellent opportunity for an Information Assurance Specialist to join our Cyber Security, Risk and Compliance team. In this role you will be providing Information Assurance through the application of policy, standards, and best practice to support the IT product teams. You will also be required to work with other IA specialists to ensure a common approach to cyber security issues is developed and documented.

**What you will be doing:**

Reporting into the Lead Information Assurance Specialist, your primary responsibilities will be to:

* Support the development and continual improvement of Information Security policies, standards, and procedures in line with ISO/IEC 27000, promoting a secure‑by‑design culture informed by business impact assessments, risk appetite, and regulatory requirements.
* Serve as the Cyber Security representative on major programmes and product teams, providing authoritative guidance and approvals to ensure secure design, build and operation across IT, OT and AI‑enabled systems.
* Represent Cyber Security across strategic initiatives—including research collaborations, joint ventures, and supply‑chain engagements—ensuring security requirements and secure‑by‑design principles are embedded from concept through delivery.
* Assess organisational and technical compliance with security policies and standards, conduct configuratio
How to Apply on Workday
- Workday has a multi-step form — save your progress after every section.
- "Apply With LinkedIn" can fail or lose data; manual entry is more reliable.
- Watch for the "Submit for Review" final step — hitting "Save" alone does not submit.
- Job requisition numbers are useful when following up with HR by email.