Job Responsibilities
- Assist in the maintenance of the firm's information security policies and procedures
- Monitor the firm's networks and systems for security breaches and investigate any incidents
- Investigate reported security incidents
- Work with IT teams to ensure that patching for vulnerabilities is carried out regularly and effectively
- Conduct regular vulnerability assessments and internal penetration testing assessments
- Ensure compliance with industry standards and regulations such as ISO 27001, Cyber Essentials Plus, etc.
- Assist in the management of global InfoSec tools and services
Skills Required
- Relevant InfoSec certifications such as Security+, CISSP, CISA, CEH, CySa+ etc.
- Minimum of 3 years of experience in information security, within a legal or professional services environment
- Knowledge of information security standards and regulations - ISO27001, Cyber Essentials+
- Experience dealing with day-to-day security incidents, projects, monitoring, investigations, and supplier security questionnaires.
- Additional knowledge of; Azure, M365, Business Continuity and Disaster Recovery Planning, Security Incident Response, Secure Development Processes (including OWASP) & Antivirus, Malware, threat hunting techniques and technologies
Hybrid working - This role offers a min of 2 days WFH.