Information Security Manager – CEH, CISSP, CISM,

Our international law firm client are currently looking to take on a new Information Security Manager (CEH, CISSP, CISM) on a permanent basis. The role will work closely with the firm's Information Governance Manager and the information security team, and will ensure that technical aspects of policies, procedures and protocols are carefully developed and delivered through projects and continuous operational improvements.

The role will also be responsible for ensuring the successful definition, approach, governance, and execution of technology projects, principally those which focus on information security.

Information Security Manager (CEH, CISSP, CISM)

• 2 + Years experience within IT Security
• Relevant certifications (CEH, CISSP, CISM CompTIA Sec+)
• Ideally law firm experience
• ISO27001 Knowledge

Job responsibilities

• Lead on security and proper handling, storage, and deletion of the Firm's and client data.
• Continually improve how we manage client and other data.
• Build and maintain excellent working relationships with key colleagues across the Firm such as the Information Governance Manager, Risk & Compliance, Technology Delivery and suppliers.
• Facilitate and conduct Data Privacy Impact Assessments for our data sharing arrangements, new software, and new products.
• Work with the software and development, business operations and delivery functions to guide and ensure security principles/procedures are understood and applied consistently.
• In collaboration with the Risk team, ensure the proper application of data protection law and reliance on appropriate legal gateways to data processing mindful of the potential risks.
• Mitigate privacy risks and advise on potential solutions and changes to processes / policies proposed to aid both their legal and practical application.
• Lead on data protection and security requirements for the Firm's digital (cloud) transformation.
• Proactively provide hands–on information security and privacy subject matter expert support and act as a single point of contact for queries, escalating where necessary to central teams.
• Support the Information Governance Manager and Head of Cyber with the development and roll–out of new and updated data protection and privacy policies, processes and services, to help drive business alignment.
• Work with the IT Technology Delivery Team in the planning, execution and completion of multiple projects.
• Manage any third–party suppliers as required.
• Ensure all handover, support and systems documentation is produced and signed off, and all relevant support processes and roles are in place to support operations.
• Work with the cyber security team to ensure that applications and related working practices meet all applicable technical and information security practices and standards.
• Any other ad hoc duties as and when required.