A leading law firm with over 1000 people worldwide with headquarters in London, and 8 offices across Asia, Europe and the Middle East, are continuing with their rapid growth, and are now looking for an Information Security Analyst.
In this role you will:
- Deputise for the IT Security Manager as required.
- In conjunction with the Information Security Manager, develop and implement information security policies, standards and documentation ensuring compliance with all applicable legal or regulatory legislation.
- Work as an Information Security Auditor to define, maintain and implement an audit framework and schedule in compliance with security polices and standards.
- Maintain certification to ISO27001 and Cyber Essentials Plus against a backdrop of a growing firm and evolving regulations, technology, and processes.
- Maintain the cyber incident management process and develop the appropriate document repositories, policy documents, operational schedules, and processes.
- Ensure published policies are regularly reviewed and amended appropriately.
- Be actively involved in in firm-wide projects and liaison with third party suppliers to ensure that IT and information security principles are adhered to, from inception to retirement.
- Complete client data requests and reporting relating to IT, information, and cyber security.
- Drive and support an exceptions and waivers process ensuring exceptions are appropriately reviewed and action taken where relevant.
- Promote the firm’s security policy, to ensure appropriate measures are taken to secure the firm’s information and minimising security incidents.
- Maintain and manage the information security risk register, in conjunction with Risk and Compliance.
To be considered for this role you will have the following:
- Solid experience in a legal or other professional services firm is preferred – ideally a partnership structure.
- Knowledge of Azure, encryption key management and cloud-based services such as M365 is essential.
- Experience of operating in a similar role within the framework of and adhering to requirements of ISO27001 and Cyber Essentials Plus or similar standards.
- Experience in preparing documentation and guidance for others is essential.
- Experience in related supplier management, with vendors and resellers.
- Experience of aligning technology solutions with best practice and IT security policies and guidelines.
This role is based in London, however you can work from home for 2 – 3 days per week.
The firm offer a competitive salary, excellent benefits package and a great platform to progress your career.
