Rolls-Royce plc

Cybersecurity Controls Assessor

Rolls-Royce plc$114K — $185K *
Information Technology
5 - 7 years of experience
Job Overview by Ladders

Qualifications

  • Associate's degree in Information Technology, Cybersecurity, or Information Systems with 7+ years of relevant experience, or Bachelor's degree with 5+ years, or Master's degree with 3+ years, or PhD with no experience, or 9+ years of experience in lieu of a degree.
  • Experience with NIST RMF or controls assessment is preferred.
  • Familiarity with security products such as SIEMs, vulnerability scanning, and data analytics tools.
  • Understanding of network anomaly detection and the cyber kill chain related to Advanced Persistent Threats (APTs).
  • Experience with threat actor tactics, techniques, and procedures.

Responsibilities

  • Conduct security control assessments aligned with CMMC or NIST SP 800-53.
  • Plan assessment activities, including methodology and evidence requests.
  • Evaluate control effectiveness through documentation and stakeholder validation.
  • Collect and organize assessment evidence, ensuring traceability to requirements.
  • Produce deliverables like assessment reports and risk statements.
  • Identify control gaps and recommend practical remediation steps.
  • Collaborate with engineering and IT to validate remediation and perform follow-up testing.

Benefits

  • Bonus opportunities and employee support assistance.
  • Flexible hybrid working arrangement, requiring average in-office attendance.
  • Relocation assistance available.
  • Comprehensive health, dental, and vision insurance options.
  • 401(k) retirement savings plan with company match.
  • Paid Time Off and certain holidays.
Full Job Description

Job Description

Job Title: Cyber Controls Assessor

Working Pattern: Full-time

Working location: Indianapolis, IN (Hybrid Schedule)

We are seeking a Cyber Controls Assessor to plan and execute security control assessments aligned with CMMC and/or NIST SP 800-53. This role evaluates the design and operating effectiveness of security controls, validates evidence, documents results, and partners with technical and business stakeholders to reduce risk and strengthen compliance—especially in environments supporting U.S. DoD and federal requirements. Experience in the aerospace industry or working with DoD / U.S. federal government programs is a strong plus.

What you will be doing

With this attractive opportunity you will get a chance to:

  • Conduct security control assessments against CMMC and/or NIST SP 800-53 (and related standards as applicable).
  • Plan assessment activities: scope, methodology, schedules, evidence requests, interviews, and sampling.
  • Evaluate control implementation and effectiveness through documentation review, technical validation, and stakeholder walkthroughs.
  • Collect, validate, and organize assessment evidence; maintain clear traceability from requirements to test results.
  • Produce assessment deliverables such as control test plans, assessment reports, findings/risk statements, POA&Ms, and executive summaries.
  • Identify control gaps and provide practical remediation recommendations aligned to risk and operational constraints.
  • Partner with engineering, IT, security, and program teams to validate remediation and perform follow-up testing.
  • Support governance activities including policy/standard updates, risk register inputs, and continuous monitoring improvements.
  • Contribute to audit readiness and compliance support for federal/DoD-aligned environments (e.g., SSP/assessment artifacts as relevant).
  • Maintain professional documentation standards and ensure consistent assessment quality across programs.

Who we’re looking for:

At Rolls-Royce we put safety first, do the right thing, keep it simple and make a difference. These principles form the behaviours that guide us and are an essential component of our assessment process. They are the fundamental qualities that we seek for all roles.

Basic Requirements:

  • Associate’s degree in Information Technology, Cybersecurity, Information Systems or and 7+ years of relevant IT experience, OR
  • Bachelor’s degree in Information Technology, Cybersecurity, Information Systems and 5+ years of relevant IT experience, OR
  • Master’s degree in Information Technology, Cybersecurity, Information Systems, and 3+ years of relevant IT experience, OR
  • PhD and no years of experience, OR
  • 9+ years of experience in lieu of degree

Preferred Requirements:

  • Experience working on NIST RMF or controls assessment
  • Experience as a SOC Security Analyst and familiarity with industry leading security products such as SIEMs and networking mapping, vulnerability scanning and packet capture and data analytics tools
  • Experience of network anomaly detectionusingtraffic analysisornetworkintruderdetection systems
  • A basic understanding of the cyber kill chain in relation to Advanced Persistent Threats (APTs)
  • Experience and knowledge of threat actor tactics, techniques and procedures, vulnerabilities, attacks and countermeasures.
  • Experience of presenting on cyber security issues

What we offer

We offer excellent development opportunities, a competitive salary, and exceptional benefits. These include bonus, employee support assistance and employee discounts.

Your needs are as unique as you are. Hybrid working is a way in which our people can balance their time between the office or home. It99s a locally managed and flexed informal discretionary arrangement. As a minimum we99re all expected to attend the workplace for collaboration and other specific reasons, on average three days per week.

Relocation assistance is available for this position.

Global Grade Level C

Closing date: July 6th, 2026


Job Category

Information Technology

Job Posting Date

29 Jun 2026; 00:06

Pay Range

$114,400 - $185,900-Annually


Location:

Indianapolis, IN


Benefits

Rolls-Royce provides a comprehensive and competitive Total Rewards package that includes base pay and a discretionary bonus plan. Eligible employees may have the opportunity to enroll in other benefits, including health, dental, vision, disability, life and accidental death & dismemberment insurance; a flexible spending account; a health savings account; a 401(k) retirement savings plan with a company match; Employee Assistance Program; Paid Time Off; certain paid holidays; paid parental and family care leave; tuition reimbursement; and a long-term incentive plan. The options available to an employee may vary depending on eligibility factors such as date of hire, employment type, and the applicability of collective bargaining agreements.

About Rolls-Royce plc

Rolls-Royce plc is a British multinational engineering company that designs, manufactures, and distributes power systems for aviation, marine, and energy markets. The company was founded in 1904 and is headquartered in London, England. Rolls-Royce is a leading provider of power systems for civil and military aircraft, and is also a major supplier of power systems for marine vessels. The company's energy division provides power systems for the oil and gas industry, as well as for power generation and other industrial applications. Rolls-Royce has operations in over 50 countries and employs over 50,000 people worldwide.
Learn more about Rolls-Royce plc
Size
44,000 employees
Industry
NASDAQ

Similar Jobs

More Jobs at Rolls-Royce plc

More Information Technology Jobs

Find similar Cybersecurity Controls Assessor jobs: