Reporting to the CIO you will be responsible for managing the day to day information security at the firm. Working closely with third party providers you will be responsible for ensuring the day to day IT security suppliers perform to expectations.
You will take part in ongoing and upcoming improvement projects working through the implications within hardware and software changes and upgrades cyber security risk analysis and information security policies.
You will lead in the incident response to any information security breach working closely with the rest of the IT Team as well as risk and compliance functions.
Previous law firm experience is advantageous.
- Line management of the Information Security Analyst
- Uses experience and best practice to provide authoritative advice and guidance on the requirements for security controls in collaboration with experts in other functions e.g. legal technical support. Ensures architectural principles are applied during design to reduce risk and drives adoption and adherence to policy standards and guidelines
- Maintains and manages the Security Incident Response plans and affected processes
- Responsibility for oversight of information security initiatives including audit action points
- Assesses risks to the availability integrity and confidentiality of the firms systems. Coordinates the planning designing testing of maintenance procedures and contingency plans to address exposure to risk and ensure that agreed levels of continuity are maintained
- Works with external security providers to proactively maintain a secure environment Delivers projects in collaboration with other IT Team members to further improve the security posture of the firm
- Proven track record of delivering security improvements to time cost and quality controls
- CISSP or CISSM certification essential
- Thorough understanding of GDPR essential related qualifications desirable
- ISO 27001 accreditation and experience of implementing such advantageous
- Knowledge of Microsoft Intune Group Policy and Windows 10 Security DMARC implementation advantageous
- Excellent knowledge of MS Office; working knowledge of program/project management software (Basecamp MS Project etc.) Knowledge of professional services and partnership environments advantageous
- Normal office hours are 9.30 am until 5.30 pm flexibility required.
Based in Canary Wharf with occasional travel to a central London. - This is an inital 3 month FTC. Salary is circa 65k (will be on prorata)
- Must be UK based.