Advanced Cyber Unit UK Lead

Job Description

Advanced Cyber Unit UK Lead

Bristol/ Hybrid

Full time

Why join Rolls-Royce?

At Rolls-Royce we are proud to be a business that has truly helped to shape the modern world and are committed to always being a force for progress; powering, protecting and connecting people everywhere.

By joining Rolls-Royce, you'll have the opportunity to work on world-class solutions, supported by a culture that believes individuality is our greatest strength, and all perspectives, experiences and backgrounds help us innovate and enable our high-performance culture.

Position Summary

As the UK ACU Lead you will report to the Global Head of the ACU and work as part of the wider IT Security team. You will manage a group of advanced cyber analysts in the UK and work in conjunction with a global set of Cyber Security Operations Centres (SOCs). You’ll  

interact routinely with key stakeholders in the Rolls-Royce IT function and operating divisions, taking the initiative to make new connections and to add value.

In the role you will help to lead a niche team of hunt specialists whose job is to reduce the risk of cyber threats to the organisation.  This is to be achieved through:

What you will be doing:

• Leading a global team of cyber professionals protecting an internationally recognised company that is a major target for multiple threat actors.
• Identifying suspicious and / or anomalous activities and taking appropriate action based on documented processes and procedures. Assessing the security impact of security alerts and traffic anomalies on the Roll-Royce network.
• Acting as a champion for cyber security analysis within the organisation and as an ambassador for the profession, influencing the direction of the discipline.
• Development of a strategy for the ACU, influencing up the hierarchy.
• Overseeing the supervision of all cyber security analysts globally, ensuring that they act a single team despite their geographically diverse locations and regional rules and regulations.
• Leading the company’s technical response on major cyber security incidents acting as the link between the analytical teams and Gold Command. Responsible for developing, recommending and coordinating immediate mitigation actions for containment, eradication, and recovery resulting from cyber security incidents. Also for solving new and merging problems with impact at senior levels that require innovative thinking to develop solutions,
• Working with the Rolls-Royce Cyber Security Incident Director, the central Incident Support Team and divisional Business Continuity Teams globally, influencing stakeholders at more senior levels to new points of view.
• Representing the interests of cyber security analysts within the company, developing plans to build the profession and setting appropriate governance to ensure that high standards are met.
• Provide visible leadership to the cyber security professional community.
• Supporting the Rolls-Royce SOCs and threat hunt teams in managing security incidents through all phases of the incident response lifecycle from identification through to closure. Overseeing their efforts in monitoring and analysing logs, packet captures and alerts from a variety of different data sources (IDS/IPS, Firewall, Proxies, Anti-Virus, SIEMSs, etc.), across multiple platforms.
• Escalating and explaining severe security incidents verbally and in writing.
• Creating comprehensive security write-ups which articulate security issues, analysis, and remediation techniques.
• Utilising a variety of intelligence sources to maintain a strong awareness and understanding of the current threat landscape.
• Providing situational security awareness by combining information from a variety of systems and normalizing / correlating the information.
• Creating comprehensive security assessments which articulate security issues, analysis, and remediation techniques.
• Leading Cyber Awareness activities.
• Assisting Rolls-Royce users and key stakeholders with security related issues and advice. Responding to technical security questions and concerns from the business, communicating complex ideas, and anticipating potential objections.
• Liaising with Rolls-Royce counterparts around the world to provide global coverage. Contributing to information sharing partnerships.
• Defining toolset requirements, supporting the selection of appropriate tools and in some cases developing in-house capability to support the needs of the Advanced Analytic team’s long-term strategy and technology roadmaps.
• Continuously seeking to identify potential service / tool improvements which will enhance the delivered services.
• Conducting research on emerging security threats and potential customer impact.
• Providing team management, skills mentoring and resource allocation for the services the ACU provides.

Position Qualifications:

• Bachelor’s degree in business, computer science or information technology and 4+ years of information technology security experience OR 8+ years of information technology security experience.
• A minimum of three years’ experience in a SOC and of managing cyber security incidents from initial identification to final resolution with a GIAC Certified Enterprise Defender (GCED) certification.
• Familiarity with industry leading security products such as SIEMs and networking mapping, vulnerability scanning and packet capture and data analytics tools.

• A minimum of three years working as a threat hunter in a high-octane environment with a GIAC Intrusion Analyst (GCIA) certification.
• Demonstrable experience of major cyber incident response activities
• Experience of building relationships quickly with key business stakeholders
• An ability to manage a team of remote workers ensuring that they coalesce as a coherent whole.
• A passion for IT, cyber security, learning and knowledge sharing combined with an analytical and curious mind-set to carry out investigations.

Preferred Requirements:

• CISSP, GSEC, GCIH, GCIA, CEH, CHFI, CCNA, MCSE or related security certifications would be of advantage, as would previously experience of working as part of a hunt team.
• Experience of using ITIL compliant processes. ITIL Foundation course.
• Articulate in the development of technical reporting and the production of business cases to recommend new strategies.

Regional Benefits:

• Work in a safety-first environment were doing the right thing and keeping it simple are core principles.
• Join a culture that values making a real difference through your work.
• Develop your career as a mid-career professional blending technical expertise with strong personal qualities.
• Thrive in a role that encourages integrity, accountability, resilience, and curiosity.
• Collaborate and build relationships in a team-focused environment while also working independently.
• Take initiative, lead, and make smart decisions with confidence and support.
• Grow through continuous learning, openness to improvement, and exposure to challenging opportunities.

Our vision is to ensure that the excellence and ingenuity that shaped our history continues into our future. Our multi-year transformation programme aims to turn Rolls-Royce into a high-performing, competitive, resilient and growing company. Join us, and it can be your future vision too.

Rolls-Royce are committed to being a respectful, inclusive, and non-discriminatory workplace where individuality is valued, diverse perspectives fuel innovation, and everyone can thrive.

Grade: Level C

Closing Date: 01.04.2026

For further information, please contact: aaron.thoresendavidson@rolls-royce.com

Job Category

Information Technology

Posting Date

28 Apr 2026; 00:04

Posting End Date

01 May 2026