Security GRC Analyst

🔐 Security GRC Analyst

Leeds or Manchester · Hybrid · CAPTG Europe · Cox Automotive

Help protect the platforms that keep Europe’s automotive ecosystem moving.

Cox Automotive is the world’s largest automotive services organisation — powering digital, data and physical solutions across the entire vehicle lifecycle. Behind that capability sits a modern, forward‑thinking Information Security function designed to safeguard our people, our customers, and our data.

We’re looking for a Security GRC Analyst to join our European Information Security team and play a key part in strengthening our cyber resilience, maturing our governance processes, and enabling secure innovation across multiple brands and markets. 

🌍 Why Join Us?

At Cox Automotive Europe, security isn’t a blocker — it’s an accelerator.
You’ll work within a collaborative security team that partners closely with engineering, technology, product and business teams across the UK and Europe. You’ll have the opportunity to influence how governance, risk and compliance shape our platforms, services and operational landscape.

You’ll also work closely with our global Enterprise Risk & Security teams in the US, giving you exposure to world‑class security practices and the chance to help localise and embed them across Europe. 

🔧 What You’ll Be Doing

As our Security GRC Analyst, you will support a broad range of governance, risk and compliance activities that underpin our European security posture — including:

• Responding to customer assurance requests, security questionnaires and audit requirements
• Managing supplier assurance assessments and third‑party risk reviews
• Helping maintain and improve security policies, standards and supporting documentation
• Supporting risk identification, assessment and governance processes across CAPTG Europe
• Coordinating security evidence and documentation for certifications (ISO, SOC, etc.)
• Assisting with compliance reviews for projects, new services and M&A activity
• Maintaining security documentation for legal and regulatory obligations
• Collaborating with UK, European and global security teams to align GRC practices
• Supporting security incidents from a governance and documentation perspective
• Driving continuous improvement and helping embed security into everyday operations 

🧩 What You Bring

Essential Experience

• 2+ years in information security or governance, risk & compliance
• Solid understanding of cloud (AWS/Azure), infrastructure and software development concepts
• Familiarity with core frameworks such as ISO 27001, SOC 2, GDPR
• Experience with customer assurance, audits, or compliance questionnaires
• Supplier assurance / third‑party risk management expertise
• Excellent communication, organisation and stakeholder‑management skills

Desirable

• GRC tooling or platform experience
• Knowledge of risk methodologies
• Certifications such as CISM, CRISC
• Understanding of PCI‑DSS
• Exposure to secure development practices or cloud security principles 

⭐ What This Role Gives You

• A chance to develop your GRC skillset across diverse brands, systems and markets
• Close collaboration with global security experts and leading practitioners
• The opportunity to meaningfully influence how security is governed and embedded across a fast‑moving enterprise
• A supportive environment that values curiosity, improvement and practical security

📩 Ready to Make an Impact?

Join us and help shape a resilient, secure future for Cox Automotive Europe.
Apply now and become part of a team where security truly matters.