Information Security Officer - Manchester - £50K+
Reporting to the CTO, you will be the first point of contact for all information security-related events within the business. Own, drive and uphold the ISO27001 accreditation. Working with IT and the Risk and Compliance functions, map informational risk and implement technologies or develop processes to mitigate risk.
Main Duties:
* Chair the ISMF monthly meeting.
* Support the CTO with an active risk ledger and mitigation which feeds into the firm’s risk committee.
* Respond to and represent the business internally and externally on all matters around information security.
* Develop internal process and implement across the target teams.
* Liaise with the ISO accreditation organisation.
* Structure and deliver internal security audits.
* Develop and uphold educational support around information security.
* Work with Risk & Compliance to continue to develop the firm’s BCP arrangements, complete with a test regime.
* Search for and select appropriate technologies to address real risk issues.
* Profile risk in and beyond the business with presentations and articles.
* Be involved and guide all projects from a security and continuity perspective.
* To be responsible for shaping, delivering and constantly developing the security agenda for the business.
Key Skills:
* Demonstrable ability to identify the root cause of and resolve issues relating to data security.
* Demonstrable ability to deliver robust IT controls and best practice within ISO 27001 framework.
* Understanding of current information systems, predominantly Microsoft, and their security features/requirements.
* Clear ability to engage with both technical and non-technical audiences.
* Ability to contribute towards tender documentation and materials for prospective new clients.
* Understanding of perimeter security (including firewalls, remediation networks, identity services management).
* Experience of disaster recovery and business continuity.
* Good communication and documentation skills.
* Thorough and meticulous planning abilities.
Experience:
* CISM or CISA required; ISACA or CISSP certification is also desirable.
* Experience within a large banking, financial or professional services environment.
* Knowledge of business and technical auditing is desirable.
* Sound knowledge of ISO 27001.
This is a fantastic opportunity for a Security Officer to join one of the most innovative and fast-growing law firms in the UK.