đ Security GRC Analyst
Leeds or Manchester · Hybrid · CAPTG Europe · Cox Automotive
Help protect the platforms that keep Europeâs automotive ecosystem moving.
Cox Automotive is the worldâs largest automotive services organisation â powering digital, data and physical solutions across the entire vehicle lifecycle. Behind that capability sits a modern, forwardâthinking Information Security function designed to safeguard our people, our customers, and our data.
Weâre looking for a Security GRC Analyst to join our European Information Security team and play a key part in strengthening our cyber resilience, maturing our governance processes, and enabling secure innovation across multiple brands and markets.
đ Why Join Us?
At Cox Automotive Europe, security isnât a blocker â itâs an accelerator.
Youâll work within a collaborative security team that partners closely with engineering, technology, product and business teams across the UK and Europe. Youâll have the opportunity to influence how governance, risk and compliance shape our platforms, services and operational landscape.
Youâll also work closely with our global Enterprise Risk & Security teams in the US, giving you exposure to worldâclass security practices and the chance to help localise and embed them across Europe.
đ§ What Youâll Be Doing
As our Security GRC Analyst, you will support a broad range of governance, risk and compliance activities that underpin our European security posture â including:
* Responding to customer assurance requests, security questionnaires and audit requirements
* Managing supplier assurance assessments and thirdâparty risk reviews
* Helping maintain and improve security policies, standards and supporting documentation
* Supporting risk identification, assessment and governance processes across CAPTG Europe
* Coordinating security evidence and documentation for certifications (ISO, SOC, etc.)
* Assisting with compliance reviews for projects, new services and M&A activity
* Maintaining security documentation for legal and regulatory obligations
* Collaborating with UK, European and global security teams to align GRC practices
* Supporting security incidents from a governance and documentation perspective
* Driving continuous improvement and helping embed security into everyday operations
𧩠What You Bring
Essential Experience
* 2+ years in information security or governance, risk & compliance
* Solid understanding of cloud (AWS/Azure), infrastructure and software development concepts
* Familiarity with core frameworks such as ISO 27001, SOC 2, GDPR
* Experience with customer assurance, audits, or compliance questionnaires
* Supplier assurance / thirdâparty risk management expertise
* Excellent communication, organisation and stakeholderâmanagement skills
Desirable
* GRC tooling or platform experience
* Knowledge of risk methodologies
* Certifications such as CISM, CRISC
* Understanding of PCIâDSS
* Exposure to secure development practices or cloud security principles
â What This Role Gives You
* A chance to develop your GRC skillset across diverse brands, systems and markets
* Close collaboration with global security experts and leading practitioners
* The opportunity to meaningfully influence how security is governed and embedded across a fastâmoving enterprise
* A supportive environment that values curiosity, improvement and practical security
đ© Ready to Make an Impact?
Join us and help shape a resilient, secure future for Cox Automotive Europe.
Apply now and become part of a team where security truly matters.
STRICTLY NO AGENCIES PLEASE
We kindly ask that agencies do not contact us regarding this vacancy. We work with a carefully selected and trusted group of recruitment partners.
We do not accept unsolicited CVs sent to the recruitment team or directly to a hiring manager. We will not be responsible for any fees related to unsolicited submissions.