Information Security Risk & Compliance Analyst
Lithia, Remote
Salary up to £33,000, pension, critical illness, life assurance, family health care, 25 days holiday (plus bank holidays), exclusive company discounts on used car purchases, leasing deals and aftersales services
Reporting to the Head of Global Information Security Risk & Compliance, you’ll be instrumental in monitoring and managing cyber controls, assessing third-party vendor risks, and supporting key compliance initiatives across the business. This is a hands-on role where you'll collaborate with stakeholders across Compliance, Technology, and the wider organisation to proactively identify and reduce cyber and technology risks.
You’ll also help maintain and improve our Information Security Management System (ISMS), shaping policies, standards, and processes that align with leading frameworks such as ISO27001, PCI-DSS, NIST, and GDPR. If you're detail-oriented, curious, and confident working with internal and external partners, this is a great opportunity to develop your career in a fast-paced, global environment.
Your Journey as an Information Security Risk & Compliance Analyst:
- Support the development and management of information security policies, procedures, and controls aligned with industry standards and regulations.
- Conduct cyber risk assessments to identify vulnerabilities and recommend mitigation strategies.
- Collaborate with IT, Legal, Compliance, and business teams to assess risks and implement improvements.
- Monitor emerging threats and trends to proactively manage cyber risks.
- Perform compliance audits and assessments, ensuring adherence to internal policies and external requirements.
- Maintain the information security risk register and contribute to risk analysis and mitigation planning.
- Evaluate and improve existing security controls, supporting risk-based decision-making.
- Lead third-party security assessments and ensure vendor compliance with contractual obligations.
- Deliver clear risk and compliance reports, metrics, and dashboards to stakeholders and senior leadership.
- Assist in the delivery of security awareness and compliance training across the business.
- Provide subject matter expertise on regulatory compliance (e.g., ISO27001, GDPR, PCI-DSS).
- Support fraud prevention and internal control strategies in partnership with Finance.
- Use risk and compliance tools to manage assessments and track program performance via KPIs.
- Participate in security assessments for new and existing systems, tools, and technologies.
Are You Ready to Embrace the Challenge? We’re looking for someone who:
- Holds a Bachelor’s degree in information technology, computer science or a related field
- Has at least 3 years of experience in information technology, risk management and compliance management
- Has experience supporting the development and implementation of risk and compliance programs, policies, procedures, and controls
- Ideally holds a professional certification in a relevant area, such as CISA, CISSP, CRISC, or similar (desirable)
- Has sound knowledge of regulatory requirements and industry standards (such as GDPR, CCPA, SOX, PCI) and security controls and technologies
- Has excellent analytical skills with the ability to identify and assess complex risks and provide practical recommendations
- Has strong communication and interpersonal skills to effectively collaborate with stakeholders at all levels of the organisation
At Lithia UK, our growth is powered by our people:
As one of the largest automotive retailers globally, we’re passionate about transforming the future of personal transportation and setting new standards for exceptional customer experiences. Our values—Earn Customers for Life, Improve Constantly, Take Personal Ownership, and Have Fun!—fuel everything we do. Join us, and you’ll be part of a team that embraces innovation, champions personal growth, and celebrates success together. If you're ready to make an impact in an environment that empowers you to drive change, we’d love to have you with us on this journey.
Diversity is Our Strength:
Lithia UK recognises the value that diversity brings to the workforce. This is why we positively welcome applications from all walks of life, backgrounds, and communities. If you have the motivation, skills and talent potential that we are looking for then get in touch. We are an equal opportunities employer.
- Location: Support Services
- Region: Nationwide
- Franchise: Central Functions
- Salary: Salary up to £33,000 with excellent company benefits