Information Security Lead (GRC/Cyber) - Law Firm

Published by Neal Fowler on March 20, 2024
Salary: £90-100k + 15% Bonus! 
Industry: Legal
Remote Working: Hybrid
Employment Type: full time
Location: Central London, United Kingdom

Job Responsibilities

  • Assist in the maintenance of the firm's information security policies and procedures
  • Monitor the firm's networks and systems for security breaches and investigate any incidents
  • Investigate reported security incidents
  • Work with IT teams to ensure that patching for vulnerabilities is carried out regularly and effectively
  • Conduct regular vulnerability assessments and internal penetration testing assessments
  • Ensure compliance with industry standards and regulations such as ISO 27001, Cyber Essentials Plus, etc.
  • Assist in the management of global InfoSec tools and services

Skills Required

  • Relevant InfoSec certifications such as Security+, CISSP, CISA, CEH, CySA+, etc.
  • Minimum of 3 years of experience in information security, within a legal or professional services environment
  • Knowledge of information security standards and regulations - ISO27001, Cyber Essentials+
  • Experience dealing with day-to-day security incidents, projects, monitoring, investigations, and supplier security questionnaires.
  • Additional knowledge of: Azure, M365, Business Continuity and Disaster Recovery Planning, Security Incident Response, Secure Development Processes (including OWASP), and antivirus, malware, and threat hunting techniques and technologies

Hybrid working - This role offers a min of 2 days WFH.
