Please answer the following questions in order to process your application.
Select your working status in the UK *
File Attachments:
(2MB file maximum. doc, docx, pdf, rtf or txt files only)
* denotes required field
Additional Information:
Availability/Notice
Salary Expectation GBP
Approximately how far are you willing to travel to work (in miles) ?
Key Privacy Information
When you apply for a job, JobServe will collect the information you provide in the application and disclose it to the advertiser of the job.
If the advertiser wishes to contact you they have agreed to use your information following data protection law.
JobServe will keep a copy of the application for 90 days.
More information about our Privacy Policy.
Job Details
Information Security Analyst - Law Firm (Technical/GRC) (Permanent)
Location: Central London Country: UK Rate: £75-80k + Benefits
Job Responsibilities
The role of the Information Security Analyst will implement information security related tasks and focused on support and delivery, as advised and requested by the Head of Information Security (CISO). There are two streams of the organisational structure, Policy & Compliance and Technical Operations.
- Vendor security assessments in line with ISO27001, NIST, CIS, Cyber Essentials
- Policy updates/Risk management - tracking creation and review
- Maintain certification programmes and all coordination activity
- Document security breaches and assess the damage they cause and support the wider team
- Work with the security team and the wider IT team and external security partners to perform tests and uncover vulnerabilities and record and track for auditability and reporting
- Maintain company-wide best practices policy for security/Network/Software/Wi-Fi/Cloud/Messaging etc..
- Assist in performing penetration testing/Monitoring and recording Risk and assessment.
- Technical design authority & project review support
- Change delivery and security by design
- Security incident management and support
Skills Required
- Certified Information Systems Auditor (CISA), or ISO/IEC 27001 Lead Auditor or Implementer qualification
- Experience coordinating Audit, Risk programmes
- Certified Information Systems Security Professional (CISSP) would be beneficial
- Experience with computer network penetration testing and techniques
- Understanding of Firewalls, proxies, SIEM, antivirus, and IDPS concepts
- Understanding of patch management with the ability to deploy patches
- Demonstrable experience facilitating IT Control audit activities.
- Experience working with large and extended Operational and Engineering teams
This role offers hybrid working - 2 days WFH/3 days office based. But requires someone flexible for this to increase/decrease Dependent on workload.
Posted Date: 22 Mar 2024
Reference: JSISATCLNF
Employment Agency: Latcom Plc
Contact: Neal Fowler