Cloud computing concept communication network

Information Security Analyst

A leading law firm with over 1000 people worldwide with headquarters in London, and 8 offices across Asia, Europe and the Middle East, are continuing with their rapid growth, and are now looking for an Information Security Analyst.

In this role you will:

  • Deputise for the IT Security Manager as required.
  • In conjunction with the Information Security Manager, develop and implement information security policies, standards and documentation ensuring compliance with all applicable legal or regulatory legislation.
  • Work as an Information Security Auditor to define, maintain and implement an audit framework and schedule in compliance with security polices and standards.
  • Maintain certification to ISO27001 and Cyber Essentials Plus against a backdrop of a growing firm and evolving regulations, technology, and processes.
  • Maintain the cyber incident management process and develop the appropriate document repositories, policy documents, operational schedules, and processes.
  • Ensure published policies are regularly reviewed and amended appropriately.
  • Be actively involved in in firm-wide projects and liaison with third party suppliers to ensure that IT and information security principles are adhered to, from inception to retirement.
  • Complete client data requests and reporting relating to IT, information, and cyber security.
  • Drive and support an exceptions and waivers process ensuring exceptions are appropriately reviewed and action taken where relevant.
  • Promote the firm’s security policy, to ensure appropriate measures are taken to secure the firm’s information and minimising security incidents.
  • Maintain and manage the information security risk register, in conjunction with Risk and Compliance.

To be considered for this role you will have the following:

  • Solid experience in a legal or other professional services firm is preferred – ideally a partnership structure.
  • Knowledge of Azure, encryption key management and cloud-based services such as M365 is essential.
  • Experience of operating in a similar role within the framework of and adhering to requirements of ISO27001 and Cyber Essentials Plus or similar standards.
  • Experience in preparing documentation and guidance for others is essential.
  • Experience in related supplier management, with vendors and resellers.
  • Experience of aligning technology solutions with best practice and IT security policies and guidelines.

This role is based in London, however you can work from home for 2 – 3 days per week.

The firm offer a competitive salary, excellent benefits package and a great platform to progress your career.

Website Job Registration - Listing Pages