Information Security Officer / Information Security Analyst – London – £55k base + benefits
Picture More have been mandated on behalf of a Global Tier 1 Law firm to identify an Information Security Officer to work within their Governance, Risk and Compliance (GRC) team.
Developing and implementing global information security policies, standards, guidelines and procedures, and running the policy exceptions process.
Achieving, maintaining and expanding our ISO 27001 certification, in particular:
Supporting security governance by managing the inputs and outputs from the Security Committee, including metrics.
Managing the ISMS tools and documentation.
Risk assessing new systems and suppliers, working with IT.
Assessing compliance with client-specific security requirements.
Supporting internal security audit activities.
Developing new content and methods for security education and awareness.
Providing technical information security advice to the business.
Responding to client requests and external audit findings.
Managing the supplier security programme, including performing due diligence on key suppliers.
Assisting with day-to-day operational issues and incidents.
Building lasting and valuable relationships with internal stakeholders, especially IT and lawyers.
Please note this role is concerned with the governance, risk and compliance elements of general information security; it is not a technical IT/Cyber Security role, although a strong appreciation of IT and IT/Cyber Security concepts is undoubtedly required to be successful in this role.
Degree educated (technical degree or similar).
We would expect the successful candidate to have around four years’ experience in information security but may consider those with less or more experience providing they can demonstrate they meet the required competencies.
Strong knowledge of ISO 27001 and certification.