ITSecurityOfficer-Assurance-Submarines

## **Job Description** **Job Title:** IT Security Officer – Assurance - Submarines **Working Pattern:** 37 hours days **Working location:** Derby/ Hybrid **Position Summary** We now have a new opportunity within the Rolls-Royce Submarines Security Department, based at the Raynesway site at Derby, for an IT Security Officer – Assurance to support the growing Submarines business, within our UK Defence Sector. This role reports to the IT Security Manager, Submarines. This role is responsible for ensuring IT Systems, processes and controls are secure and functioning effectively to protect against threats. **What you will be doing:** Reporting to the IT Security Manager, the IT Security Officer – Assurance will provide assurance and be responsible for ensuring IT Systems, processes and controls are secure and functioning effectively to protect against threats. with the following primary responsibilities: * Develop, implement, maintain a validation assurance plan to test the effectiveness of security controls in alignment with mandated security frameworks. * Produce and conduct audits and assessments to confirm adherence to standards (Def-Stan 05-138, CIS Controls, CE+) using tools for efficiency. * Assess the correctness of security risk assessments and risk management plans, taking account of the business goals. * Audit the implementation, operation and maintenance of security controls. * Identify potential security risks and vulnerabilities in IT systems and evaluate the likelihood and impact of these and propose mitigations. * Implement and maintain the Security Policy, Procedures, Standards and Cyber Security Assurance Framework . * Coordinate penetration testing with third-party providers and support remediation activities. **Who we’re looking for:** At Rolls-Royce we put safety first, do the right thing, keep it simple and make a difference. These principles form the behaviours that guide us and are an essential component of our assessment process. They are the fun