Job Description IT Security Auditor Derby/Bristol, UK Hybrid – minimum 3 days on site per week What you will be doing: We have an excellent opportunity for an IT Security Auditor to join our Cyber Security, Risk and Compliance team. In this role you will be undertaking assessment activities to identify weaknesses, policy violations in our IT systems (and/or applications) and create action plans to correct any problems in order to prevent future cyber security breaches. You will be working with other Security Auditors and Information Assurance Specialists to ensure a common approach to Security Audit across Rolls-Royce. Responsibilities: Support the Head of Cyber Security Policy & Compliance in identifying and planning cyber security audits across the IT Function, within business areas, of our IT supply chain, and 3rd party suppliers into the business. Undertaking those audits and providing timely reports. Creating corrective action plans, in conjunction with the target system owner, in order to improve the cyber security posture of that system. Analysis of the audit output to identify trends to inform the improvement of policy, process, procedure or technology. Presenting findings to a wider audience including senior management. Undertaking other tasks to support the wider cyber security team, such as work on the cyber culture programme. Assist the wider team in developing and defining Information Security policies, standards, guidelines, and procedure to an agreed framework (ISO27000) Why Rolls-Royce? Work with us and we’ll welcome you into a culture of caring and belonging where you can be yourself. We will listen first, embrace feedback and act with integrity. We will invest in your continuous learning and development, and make sure you have access to a wide breadth and depth of opportunities to grow your career and make a difference. We offer excellent development, a competitive salary and exceptional benefits. These include bonus, employee support assistance and employee discounts. Hybrid working is a way in which our people can balance their time between the office, home or another remote location. It’s a locally managed and flexed informal discretionary arrangement. As a minimum we’re all expected to attend the workplace for collaboration and other specific reasons, on average three days per week. Discover more on our GBS Service Portal about hybrid working. Who we’re looking for: Being a part of Rolls-Royce, you’ll know we put safety first, do the right thing, keep it simple and make a difference. These principles form our behaviours. They are an essential component of our assessment process and are fundamental qualities that we seek for all roles. Good overall knowledge of information systems practices and applications. Thorough understanding of Rolls-Royce management processes and practical knowledge of the principles of information security Understanding of Cyber Security frameworks and benchmarks to which we have to demonstrate compliance to (for example ISO27000, NIST & CIS) Communicates well and has the skill to influence through persuasion in a formal context Broad knowledge of IT security demonstrated by attainment of appropriate qualifications Experience / awareness of cloud technologies and capabilities in an enterprise environment Willingness to learn and promote wider compliance requirements such as Product Safety, Data Privacy and Export Control Join us & help Rolls-Royce to become a high-performing, competitive, resilient business. Please be aware that the priority will be given to employees identified as being at high risk. The professional level and salary of the position will be dependent on the skills and experience of the successful candidate but is anticipated to be Level C. This job is advertised at the grades shown, and this is the desired operating level for this role. We encourage applications from candidates with relevant experience from any grade. It is advised that you inform your current manager of your application for this role. We are an equal opportunities employer. We’re committed to developing a diverse workforce and an inclusive working environment. We believe that people from different backgrounds and cultures give us different perspectives. And the more perspectives we have, the more successful we’ll be. By building a culture of respect and appreciation, we give everyone who works here the opportunity to realise their full potential. You can learn more about our global Inclusion strategy here. Grade: Level C Closing Date: 22/08/2025 Recruiter: aaron.thoresendavidson@rolls-royce.com Job Category Information Technology Posting Date 18 Aug 2025; 00:08 Posting End Date 22 Aug 2025