Senior Assistant Information Security Officer | Remote | Permanent | Up to £50,000 Per Annum
Peaple Talent has partnered with a tech-driven law firm, well established in the legal sector, that is looking for a Senior Assistant Information Security Officer to join its rapidly growing security team.
Our client is looking for someone with a willingness to embrace team working and a passion for client service.
You will be primarily responsible for identifying and mitigating the major information security risks for the firm and ensuring compliance with specific regulatory and best practice standards.
Based remotely (our client has offices all over the UK), you will report to the Head of Information and Cyber Security and be tasked with the following:
- Continue the enhancement and implementation of information security and data processing policies and standards across the firm and in particular, auditing and maintaining our client’s ISO27001 processes and accreditation.
- Keep up to date with current cyber security risks and mitigation techniques.
- Act as a point of reference on best practices in relation to IT and IS governance, controls and practices across the firm.
- Supporting the assessment of the security posture of the organisation and being able to give sound advice for security tooling in place and new techniques.
- Manage and implement internal, client and external information security audits.
- Identify weaknesses in security tools, processes and procedures and provide recommendations to resolve them.
- Maintain the internal policy and procedure bank.
- Managing third-party penetration testing including scoping, analysis, remediation planning and tracking.
- Offer training on aspects of information security policy to the firm as required.
- Managing the compliance and vulnerability management platforms for both on-premise and cloud-based assets.
- Research and evaluate emerging security threats and ways in which to manage or mitigate them.
- Offer advice and guidance to internal stakeholders to ensure best practice is always followed.
- Supporting users on change control and system updates to ensure best practice is followed.
- Work closely with multiple 3rd-party suppliers to ensure any risks are understood and mitigated.
The ideal candidate for this Senior Assistant Information Security Officer role will have relevant experience of working in an Information Security environment and will preferably have worked in the legal sector (although this is not essential).
You’ll also need a background in:
- Information security management systems (ISMS) and maintaining ISO27001 certification.
- Internal/external security penetration testing.
- Developing IT governance, controls and best practice processes in the form of ITIL.
- Processes and tools relating to information security.
- Undertaking a range of internal and third-party audits around Information Security, data protection and IT governance and controls.
- Penetration testing procedures.
- Developing physical security best practice processes and controls.
- Experience with vulnerability management, SIEM and malware.
- Data Protection Act and GDPR provisions.
- Understanding complex web and standalone applications/systems architectures involving multiple technologies.
- The principles of risk assessment and risk treatment, including operational risk as well as compliance monitoring and reporting.
- Project engagements, using waterfall and agile methodologies.
- Writing policies and procedural documentation for IT systems/requirements.
- Cloud environments, i.e. Azure and AWS.
Basic Salary: Up to £50,000 Per Annum (Dependent on Experience).
- Annual Pay Reviews.
- Flexible Benefits Scheme.
- 25 Days Holiday (Increasing up to 30 days based on length of service).
- Private Medical Insurance.
Interested? If you think you’re right for this Senior Assistant Information Security Role, then click the ‘Apply Now’ button, send us your CV and we’ll consider you for the first round of interviews.