Information Security Manager - Law Firm

Posted 10 April by Latcom Plc

Job Responsibilities

  • Acting as a deputy for the Head of Information Security.
  • In conjunction with the Head of Information Security, develop and implement information security policies, standards and documentation, ensuring compliance with all applicable legal or regulatory legislation.
  • Manage and facilitate governance meetings.
  • Manage cross-functional initiatives to deliver on risk goals, policies and procedures.
  • Experience delivering presentations and engaging with senior leadership.
  • Manage the Technology risk strategies that maintain the status of industry compliance across enterprise applications, MSPs and Cloud services that store, process and transmit firm data.
  • Research and evaluate emerging security threats and ways in which to manage and mitigate them.
  • Providing SME guidance to Information Security related audits and reviews.
  • Manage audit findings (internal, external and client driven) to ensure that business departments understand issues and that remediations effectively mitigate information security risks.
  • Manage the cyber incident management process and develop appropriate document repositories, policy documents, operational schedules and processes.
  • Drive and manage processes for reporting KPIs and other metrics in relation to risk, threats, vulnerabilities, compliance and performance.
  • Manage post-incident investigations and provide advice to address issues and/or amend procedures to enhance the Firm's information security protection.
  • Manage all security certifications to ensure compliance with applicable standards and regulations.

Skills Required

  • Have an experienced level of information security risk management knowledge.
  • Design, operation, and governance of industry-standard security control frameworks.
  • Experience managing and collaborating cross-functionally to identify and implement best practice risk processes.
  • Experience growing and motivating a team; coaches members through career milestones and progression.
  • Knowledgeable in technical and governance disciplines of information security, risk, audit and compliance.
  • Knowledge of Azure, encryption key management and cloud-based services such as M365 is essential.
  • Experience of operating in a similar role within the framework of and adhering to requirements of ISO27001 and Cyber Essentials Plus or similar standards.

This role offers hybrid working - 2 days WFH/3 days office based.

Reference: 52449287
