JCB
Information Security Vulnerability Management Analyst

How your CV stacks up
Upload your CV to see how well it fits this job role
?%
Salary: Competitive Salary
Contract Type: Full Time
Working Pattern: Permanent
The Opportunity - Information Security Vulnerability Management Analyst
Click here for our Careers & Life at JCB pages
About the role:
The Information Security team is responsible for ensuring that JCB has the correct level of security integrity to protect our systems, information, personal data, and people from cyber-attacks and unauthorised access.
We are seeking a detail-oriented and proactive Vulnerability Management Analyst to join our on-site Information Security team.
This critical role is essential in identifying, assessing, and mitigating vulnerabilities across our IT, OT, Cloud, and SaaS environments. You will work closely with infrastructure, application, and operations teams to ensure timely remediation of security risks.
What does this role involve day to day?
- Manage the Vulnerability Management Process and Platform globally
- Perform regular vulnerability scans and testing across IT, OT, and SaaS systems using industry-standard tools
- Arrange and Manage 3rd Parties for Security Penetration Tests on internal and external systems
- Analyse scan results, prioritise vulnerabilities, and coordinate remediation efforts with relevant teams – see through to completion
- Maintain and improve the vulnerability management lifecycle and reporting processes
- Feed in to Risk Register and other teams for immediate and future improvements
- Track and report on remediation progress and risk posture to senior stakeholders
- Collaborate with IT and engineering teams to ensure secure configurations and patch management – find the root causes of issues and work to resolve
- Support compliance alignment with NIST, and Cyber Essentials
- Assist in threat modelling and risk assessments
- Maintain documentation and procedures related to vulnerability management
- Seek out and exploit opportunities for improvement to the group’s overall security posture.
Reasons to use Rodeo
I’m in my final year doing Economics and I don’t know whether to apply for grad schemes now or do a masters first. What do you think?
Honest answer — it depends on where you want to end up. A lot of top grad schemes (Big 4, civil service, banking) don’t need a masters. Let’s look at the ones you’d be competitive for now, and we can decide if a masters actually adds anything.
Also worth knowing: most autumn 2026 applications are open now. Timing matters more than you think.
Start with a chat, not a search bar
Grad scheme, placement, apprenticeship? Not sure what you want yet — that's fine. Your agent talks it through with you and turns "I have no idea" into a shortlist.
Graduate Consultant — 2026 Scheme
Why you're a good match
StrongYour economics background and your summer at a regional bank line up with what PwC looks for on the consulting scheme. Applications close in four weeks.
See breakdownIt searches the market for you
Every day your agent scans the market matching roles against what actually matters to you, not just keywords on a CV.
Why you're a good match
You’ve got the grades and the economics background, and your bank internship is exactly the experience this scheme looks for. Apply soon — deadlines close within the month.
Experience fit
Your summer at the bank plus your econometrics coursework map directly to the day-one responsibilities on this scheme — client modelling, market briefings, and deal support.
Only hits
No noise. No "maybe this fits." Just roles with a clear explanation of why they're right — and where to focus when applying.
This would be suited to you if...
- You're passionate about cyber security and keeping up with the latest trends, threats, and mitigations
- You have proven experience in vulnerability management or previous role(s) as Security Analyst/Engineer
- You have a strong understanding of vulnerability scanning tools and techniques
- You're familiar with CVSS scoring and vulnerability prioritisation techniques
- You have knowledge of patch management processes and secure system configurations
- You are familiar with OT environments is a plus
- You have an understanding of security frameworks such as NIST, and Cyber Essentials
- You have an ability to work independently in a fast-paced, on-site environment
- You have a strong analytical mindset and communication skills
- You have an understanding of IT Service Management principles ideally ITIL
What happens next?
Ordinarily, our Resourcing Team reviews and shortlists CVs. If shortlisted, you’ll speak to one of our Recruiters to discuss the role further. Our interview process usually consists of an initial teams interview followed by an in-person interview. We’ll keep in touch throughout the process but if you have any questions, please get in touch at recruitment@jcb.com


Get help with your application
Your very own career expert that helps elevate your application to the next level.
What’s in it for you?
This is your chance to join a company that values expertise not only in rewards but also in real employee care. At JCB you don’t just get a competitive salary, 33 days’ holiday and access to our company pension—you can also use our onsite gym, in-house doctor, dentist, and visiting optician. We have an ULEV car scheme available for our employees too. Then there’s the JCB Rewards Hub, which gives you discounts with high street retailers. Feel like biking to work? There’s our Cycle to Work Scheme.
We value diversity and welcome applications from candidates from all backgrounds.
We’re committed to ensuring our recruitment process is fair and inclusive. If you face any accessibility challenges with your online application and require additional support, you have the option of speaking to a member of our Recruitment Team who can support you to complete an application in an alternative format. If you would benefit from this support, please email recruitment@jcb.com, and a member of the team will be in touch.
Recruitment Agencies: JCB does not accept any speculative approaches to present candidates for advertised vacancies.
“It took my CV and asked me questions relevant to understanding what kind of jobs to suggest for me. Suggestions were almost perfect. Jobs were exactly what I’ve been looking for.”
Jessica, London
Skills