Job Title: IT Security Officer – Assurance - Submarines
Working Pattern: 37 hours days
Working location: Derby/ Hybrid
Position Summary
We now have a new opportunity within the Rolls-Royce Submarines Security Department, based at the Raynesway site at Derby, for an IT Security Officer – Assurance to support the growing Submarines business, within our UK Defence Sector. This role reports to the IT Security Manager, Submarines. This role is responsible for ensuring IT Systems, processes and controls are secure and functioning effectively to protect against threats.
What you will be doing:
Reporting to the IT Security Manager, the IT Security Officer – Assurance will provide assurance and be responsible for ensuring IT Systems, processes and controls are secure and functioning effectively to protect against threats. with the following primary responsibilities:
Develop, implement, maintain a validation assurance plan to test the effectiveness of security controls in alignment with mandated security frameworks.
Produce and conduct audits and assessments to confirm adherence to standards (Def-Stan 05-138, CIS Controls, CE+) using tools for efficiency.
Assess the correctness of security risk assessments and risk management plans, taking account of the business goals.
Audit the implementation, operation and maintenance of security controls.
Identify potential security risks and vulnerabilities in IT systems and evaluate the likelihood and impact of these and propose mitigations.
Implement and maintain the Security Policy, Procedures, Standards and Cyber Security Assurance Framework .
Coordinate penetration testing with third-party providers and support remediation activities.
Who we’re looking for:
At Rolls-Royce we put safety first, do the right thing, keep it simple and make a difference. These principles form the behaviours that guide us and are an essential component of our assessment process. They are the fundamental qualities that we seek for all roles.
Risk Management and experience of identifying, assessing and mitigating security risks.
Experience of working in a assurance environment, providing reporting to key stakeholders.
Knowledge of cloud platforms (AWS, Azure), network security, and endpoint security.
Knowledge of IT security frameworks such as DEFSTAN 05-138, NIST Cybersecurity Framework, ISO 27001 and Cyber Essentials +.
Why Rolls-Royce?
Rolls-Royce is one of the most enduring and iconic brands in the world and has been at the forefront of innovation for over a century. We design, build and service systems that provide critical power to customers where safety and reliability are paramount.
We are proud to be a force for progress, powering, protecting and connecting people everywhere.
We want to ensure that the excellence and ingenuity that has shaped our history continues into our future and we need people like you to come and join us on this journey.
We’ll provide an environment of caring and belonging where you can be yourself. An inclusive, innovative culture that invests in you, gives you access to an incredible breadth and depth of opportunities where you can grow your career and make a difference.
Please be aware that the priority will be given to employees identified as being at high risk. The professional level and the salary of the position will be dependent on the skills and experience of the successful candidate.
It is advised that you inform your current manager of your application for this role.
For more than 60 years Rolls-Royce Submarines has designed, supplied and supported the nuclear propulsion plant, providing power for all UK Royal Navy nuclear submarines.
To work for Rolls-Royce Submarines an individual must hold a Security Check clearance. We will support the application for Security Clearance if you don’t already have it. Due to the nature of work we conduct, we can only progress applications from individuals who are a UK national or, in MoD approved cases, a dual national.
Our vision is to ensure that the excellence and ingenuity that shaped our history continues into our future. Our multi-year transformation programme aims to turn Rolls-Royce into a high-performing, competitive, resilient and growing company. Join us, and it can be your future vision too.
Rolls-Royce are committed to being a respectful, inclusive, and non-discriminatory workplace where individuality is valued, diverse perspectives fuel innovation, and everyone can thrive.
Closing date: 22nd June 2026
As part of our selection process, candidates in certain locations may be asked to complete an online assessment, which can include cognitive and behavioural aptitude testing relevant to the role. If required, full instructions for the next steps will be provided.
As part of our selection process, candidates in certain locations may be asked to complete an online assessment, which can include cognitive and behavioural aptitude testing relevant to the role. If required, full instructions for the next steps will be provided.
Information Technology
09 Jun 2026; 00:06
22 Jun 2026
