Jaguar Land Rover is harnessing technology to make driving smarter, safer and cleaner. You can help create a world in which responsible, sustainable vehicles revolutionise the driving experience for generations. Our vision is to leverage the incredible potential of technology to build vehicles that not only offer a premium, all-encompassing digital experience, but that also make our customers lives better.

WHAT TO EXPECT

The Information and Cyber Security team plays a vital role safeguarding Jaguar Land Rover’s information assets on a global basis. This role is part of the Governance, Risk and Compliance function whose purpose is to manage information risk to acceptable levels, using a framework of controls and oversight across the enterprise.

The role ensures we deliver appropriate governance, risk and compliance for information security throughout Jaguar Land Rover. The role also provides some support for other functions (SOx IT, Governance, Compliance, Security Culture, Supply Chain).

Working with the ICS Strategy and Risk Manager within the Information & Cyber Security team, the role will support all ICS Strategic and Risk Management activities within the Governance, Risk and Compliance pillar of the Information and Cyber Security (ICS) team

You'll also be responsible for the following:

Support and drive key ICS Strategic and Risk Management initiatives across all business domains, as defined by objectives, and see them through to completion Support the development of the ICS Risk Management Strategy, as well as the evolution of the overall ICS Strategy from the focus point/driver of reducing risk to within acceptable/tolerable levels• Support the definition, implement and maintenance of the Risk Management Framework in an ever evolving and changing risk landscape Create and communicate supporting artefacts regarding strategic development and risk management i.e., documented processes, strategies, milestones, risk actions, KPIs Capture, develop and present relevant ICS metrics and reports for management information as required, to articulate tangible risk reduction progress Support the Policy Exception process from a risk perspective Receive, manage and progress risk and strategy related tickets/business queries Develop companywide (including 3rd party), best practices and processes for Information Security risk Support IT and the business in documenting, sizing and planning responses to Information Security risk in adherence to documented policies, standards and procedures, providing Education & Awareness on these where relevant Conduct risk assessments across business and IT domains and work with product/service managers to ensure effective management of these risks Maintain and evolve risk management systems and data quality to ensure accurate reporting Research and consider policy, standard and process enhancements across the GRC space with the view of further reducing risk Any other activities as reasonably directed by management.  

WHAT YOU'LL NEED

To be successful in the role you will need the following skills and experience:

Understanding of Information Security processes, functions and practices, particularly in the GRC space Understanding and experience managing and assuring security controls Proven analytical skills with the ability to manage simultaneous priorities under pressure and in line with changing deadlines. Strong analysis skills, Excel expert with experience creating insight from analysis and data. Able to present a professional, approachable image of Information Security to all stakeholders through verbal and written interactions Exceptional customer service skills and abilities. Proven experience in working with external global third-party vendor and Managed Services Providers including software vendors Strong analytical, problem solving, persuasion negotiation, and conflict resolution skills with a strong sense of urgency, without the requirement for explicit deadlines Good understanding of relevant industry standards and frameworks (e.g. GDPR, COBIT, NIST, ISO 27001)  

Additional experience and skills that would be advantageous:

Previous Security team experience working within the GRC space would be beneficial Experience of authoring governance documentation (standards, policies, reporting, proposals, analysis) Experience of authoring governance documentation (standards, reporting, proposals, analysis) – PowerPoint expert with experience of creating presentations for senior stakeholders Experience or knowledge of Agile practices (e.g., SAFe, SCRUM) Knowledge and experience in managing information security in a highly regulated business (Financial Services, Pharma) Knowledge and experience in Information Security Auditing Techniques Certifications: CRISC, CISM, CISSP. Experience gained in consulting or working in service provider environment Experience of working globally, culturally astute and sensitive.  

SO WHY US?

Bring all this to the home of premium innovation, and you’ll find the opportunities to further your career with a world-class team, a discounted car purchase and lease scheme for you and your family, membership of a competitive pension plan and performance related bonus scheme. All this and more makes Jaguar Land Rover the perfect place to continue your journey.

This role may offer the opportunity for hybrid working where you can split your time between working from home and in the office. At Jaguar Land Rover, hybrid working is a voluntary, non-contractual arrangement providing employees with more choice and flexibility around how, when and where they work, if suitable for their role. Further details can be discussed with the Hiring Manager at interview stage. 

Please be aware that we may close this vacancy for applications before the stated deadline if we receive a high volume of interest. We strongly advise you to submit your application as early as possible.

Jaguar Land Rover is committed to equal opportunity for all.