ESSENTIALS SKILLS AND EXPERIENCE

• Passionate about cyber security and keeping up with the latest trends, threats and mitigations
• Previous experience in assurance, compliance, or audit roles
• Strong understanding of information security standards and regulatory frameworks.
• Previous 3rd party assessment experience
• Excellent analytical and problem-solving skills.
• Strong communication and report writing abilities.
• Ability to work independently in a fast-paced, on-site environment.
• Experience with compliance tools and audit management platforms.
• Knowledge of UK data protection regulations including GDPR
• A proven IT background to understand and interpret findings and communicate to stakeholders
• Familiarity with OT environments is a plus
• Understanding of security frameworks such as NIST, and Cyber Essentials
• Ability to work independently in a fast-paced, on-site environment
• Strong analytical and communication skills.
• Strong documentation abilities
• Understanding of IT Service Management principles ideally ITIL.

ABOUT THE ROLE:

The Information Security team is responsible for ensuring that JCB has the correct level of security integrity to protect our systems, information, personal data and people from cyber-attacks and unauthorised access.
We are seeking a detail-oriented Assurance & Compliance Analyst to join our on-site team. This role is essential in ensuring our operations meet internal and external compliance requirements, including regulatory standards and industry best practices. You will work closely with IT, security, and operational teams to monitor, assess, and improve our compliance posture.
This critical role is essential to ensure JCB is proactive in staying on top of it’s obligations and leading the security compliance activities across the group.

WHAT DOES THIS ROLE INVOLVE DAY TO DAY?

• Conduct regular audits and assessments to ensure compliance with internal policies and external regulations
• Maintain and update compliance documentation, including policies and procedures
• Maintain the Cyber Risk Register and surrounding process
• Support the implementation and monitoring of Cyber Essentials, GDPR, and other relevant standards
• Third-party supply chain reviews and onboarding
• Review new IT, OT, Cloud and SaaS platforms
• Collaborate with internal teams to identify and remediate compliance gaps
• Assist in preparing for external audits and certification processes
• Monitor regulatory changes and assess their impact on the organisation
• Deliver training and awareness sessions on compliance topics
• Report on compliance metrics and provide recommendations for improvement
• Arrange and Manage 3rd Parties for Security Penetration Tests on internal and external systems
• Support IT audits and internal investigations
• Manage Supply Chain and Dealer Network processes and compliance