JCB

About the Company

JCB is one of the largest privately owned engineering and manufacturing companies in the UK and the World's third largest manufacturer of construction machinery. With a global presence and manufacturing facilities on 4 continents, we employ over 15,000 people worldwide and produce over 300 different products.

With a trusted brand that is synonymous with world class innovation. Our team design and build machines for hard work and reliability, using only the most advanced technology and techniques. We produce a broad spectrum of machines from 800kg to nearly 50 tonnes for markets including traditional construction through to defence, waste recycling and agriculture.

JCB's success is built upon constant customer focus and innovation in everything we do. Always looking for a better way.

Listed Jobs

Company Name

JCB

Job Title

Information Security Vulnerability Management Analyst

Job Description

**Job title** Information Security Vulnerability Management Analyst **Role Summary** Drive the end-to-end vulnerability management lifecycle across IT, OT, Cloud and SaaS environments. Conduct scans, analyze findings, prioritize risks, coordinate remediation, and maintain an effective reporting framework to strengthen the organization’s overall security posture. **Expactations** - Continuously identify and mitigate vulnerabilities in a fast‑paced, on‑site environment. - Ensure compliance with NIST and Cyber Essentials frameworks. - Collaborate with infrastructure, application and operations teams to secure configurations and automate patch management. - Report risk posture to senior stakeholders and update risk registers. **Key Responsibilities** - Manage global Vulnerability Management Process and platform. - Perform regular vulnerability scans and penetration tests using industry‑standard tools. - Analyze scan results, prioritize by CVSS, and coordinate remediation until closure. - Maintain and improve vulnerability lifecycle, reporting, and documentation. - Integrate findings into Risk Register and facilitate continuous improvement initiatives. - Support threat modelling, risk assessments, and compliance alignment. - Liaise with 3rd‑party testers for internal and external penetration testing. **Required Skills** - Proven experience in vulnerability management or as a Security Analyst/Engineer. - Proficient with vulnerability scanning tools and CVSS scoring. - Knowledge of patch management processes and secure system configurations. - Familiarity with OT environments is a plus. - Understanding of NIST and Cyber Essentials security frameworks. - Ability to work independently in a dynamic, on‑site setting. - Strong analytical, communication, and ITIL‑based Service Management mindset. **Required Education & Certifications** - Bachelor’s degree in Computer Science, Information Security, or relevant field. - Industry certifications such as CISSP, CISA, CompTIA Security+, or equivalent preferred.

Rocester, United kingdom

On site

29-01-2026

Company Name

JCB

Job Title

Information Security Engineer

Job Description

**Job Title** Information Security Engineer **Role Summary** Secure and continuously improve the enterprise IT environment by leading security projects, managing cyber‑defense tools, conducting incident response, and ensuring compliance with industry standards. Works closely with infrastructure, application, and operations teams to embed security across all systems. **Expectations** - Passionate about cyber security and emerging threat landscape - Proven ability to manage complex global projects and provide technical guidance - Strong communication with technical and non‑technical stakeholders - Hands‑on experience in security engineering across on‑prem, cloud, and SaaS environments - Demonstrated incident response, root‑cause analysis, and risk mitigation skills **Key Responsibilities** 1. Lead and support IT security projects, ensuring delivery is secure, timely, and effective. 2. Partner with business units to provide security input for architecture and design. 3. Manage and maintain cybersecurity tools (SIEM, EDR, vulnerability scanners, IAM, etc.) across all platforms. 4. Embed security into operational processes, collaborating with internal IT and third‑party teams. 5. Lead incident response activities, incident monitoring, and real‑time alert handling; drive continuous improvement. 6. Advise on security implications of new technologies and contribute to long‑term strategic decisions (roadmap, risk register). 7. Monitor, assess, and remediate vulnerabilities and security alerts; pursue security enhancements. 8. Support security and internal investigations, ensuring adherence to robust change control. 9. Enforce security policies, procedures, and standards; maintain compliance with ISO 27001, NIST, and Cyber Essentials Plus. 10. Assist with internal and external audits and remediation activities; identify opportunities to strengthen overall security posture. **Required Skills** - Expertise in network security, endpoint protection, threat detection, and incident response. - Proficiency with security tools and technologies (SIEM, EDR, IAM, vulnerability scanners, cloud security solutions). - Solid understanding of security frameworks (NIST SP 800‑53, ISO 27001, Cyber Essentials). - Experience managing complex security projects and providing technical guidance. - Knowledge of IT Service Management (ITIL preferred). - Ability to assess risk, identify vulnerabilities, and implement mitigation strategies. - Strong communication and collaboration skills across technical and non‑technical teams. - Background in OT security is a plus. **Required Education & Certifications** - Bachelor’s degree in Computer Science, Information Systems, Cyber Security, or related field. - Professional certifications such as CISSP, CISM, CEH, or CompTIA Security+ preferred. - ISO 27001 Lead Implementer/Lead Auditor certification is advantageous.

Rocester, United kingdom

On site

29-01-2026