Online since 1999 | 9,563 IT Jobs Live NOW

Information Security Officer

Premium Job From Michael Page
Recruiter: Michael Page
Listed on: 25th August
Location: Bristol
Salary/Rate: £55,000 - £65,000
Type: Permanent
Start Date: ASAP

The main purpose of this role is to develop and manage the Information Security Framework across the firm, in line with policy, industry best practice, SRA guidelines and Client contractual requirements.

Client Details

My client is an established multi-office law firm with HQ in Bristol.


The main purpose of this role is to develop and manage the Information Security Framework across the firm, in line with business policy, industry best practice, SRA guidelines and Client contractual requirements.

More specifically you will:


  • Coordinate internal efforts toward maintenance of relevant information security standards as the firm sees fit to adopt (e.g. ISO 27001) and a culture of continuous improvement
  • Ensure adherence to, communication and training of Information Security policies, procedures and guidelines
  • Manage the Information Security aspects of client bids, on-boarding and audits
  • Delivery of Information Security reporting, presentations and KPI's
  • Provide Representation on external Information Security groups

Information Security Management Framework

  • Increase awareness of Information Security Management across the firm through development of training, intranet communications and high level support (with the IT training team)
  • Support the Risk and Compliance team, COLP and COFA in their work to manage risk and security across the firm
  • Maintain appropriate Information Security risk registers and remediation measures with business managers, CCP and IT/Risk and Compliance managers
  • Co-ordinate all required policies and guidelines for Information Security and provide guidance to policy owners on how to achieve compliance with required standards
  • Co-ordinate and deliver the internal audit regime

Information Security

  • Ensure that all documentation complies with client requirements, ISO 27001 (or appropriate certifications) and business policy in order to safeguard confidentiality and integrity of business information
  • Manage, maintain and regularly review security and compliance regime for ISO 27001 and other appropriate certifications and business policy
  • Co-ordinate day to day monitoring, detection, prevention and operation of our security breach process
  • Produce of Information Security risk indicators including heat maps / models
  • Organise monthly Information Security Report showing trend analysis and client reports
  • Plan annual management review

Mangement of Client on-boarding

  • Respond to and support the bid process with regards to Information Security related issues
  • Manage response to Client's Information Security questionnaires
  • Implement Information Security controls for new clients and/or where new services are delivered
  • Coordinate and manage scheduled audits by external auditors or clients

Continuous Improvement

  • Ensure that all measures implemented are reviewed and audited regularly to meet the needs of auditors and ensure compliance
  • Identification of areas of improvement for risk management, recommending and implementing best practice where appropriate

Supplier management

  • Ensure Supplier DDQs are carried out and reviewed for suppliers
  • Support R&C with contract review in relation in InfoSec clauses and requirements


Technical requirements:

  • Professionally qualified to one of CISSP/CISM/CISA with an awareness of applicable data privacy practices and laws
  • Good understanding of the technologies available in order to improve system availability and meet Business Continuity goals
  • ISO27001 / Cyber Essentials + implementation/audit experience.
  • Broad ranging consultancy skills (problem solving, change management, influencing, communication, research and data collection and analysis, process mapping, creative thinking, negotiation, etc.
  • An understanding of project management principles

More generally:

  • Outstanding communication skills
  • Experience working in a multi-site team
  • Ability to present ideas in business-friendly and user-friendly language across multiple geographies
  • Excellent understanding of the firm's goals and objectives
  • Ability to effectively prioritise and execute tasks in a high-pressure environment
  • Keen attention to detail in terms of both tasks and communications
  • Good interpersonal skills and able to interact with people at all levels
  • Able to command respect of highly technical teams and influence at senior levels of the firm

Job Offer

£55,000 - £65,000 + additional benefits

Contact Name: Rory Kirkman
Reference: TJ/9082/JN -062021-2932715_1629889853
Job ID: 2971360

Browse all skill types