Information Security Manager

Bristol Permanent £60,000 - £70,000
  • Information Security Manager - route to CISO in 2-3 years
  • Information Security Manager - ISO27001, Cyber Essentials+, CISSP

About Our Client

My client is an established multi-office law firm with HQ in Bristol.

Job Description

The main purpose of this role is to develop and manage the Information Security Framework across the firm, in line with business policy, industry best practice, SRA guidelines and Client contractual requirements.

More specifically you will:

Services

  • Coordinate internal efforts toward maintenance of relevant information security standards as the firm sees fit to adopt (e.g. ISO 27001) and a culture of continuous improvement
  • Ensure adherence to, communication and training of Information Security policies, procedures and guidelines
  • Manage the Information Security aspects of client bids, on-boarding and audits
  • Delivery of Information Security reporting, presentations and KPIs
  • Provide representation on external Information Security groups



Information Security Management Framework

  • Increase awareness of Information Security Management across the firm through development of training, intranet communications and high-level support (with the IT training team)
  • Support the Risk and Compliance team, COLP and COFA in their work to manage risk and security across the firm
  • Maintain appropriate Information Security risk registers and remediation measures with business managers, CCP and IT/Risk and Compliance managers
  • Co-ordinate all required policies and guidelines for Information Security and provide guidance to policy owners on how to achieve compliance with required standards
  • Co-ordinate and deliver the internal audit regime



Information Security

  • Ensure that all documentation complies with client requirements, ISO 27001 (or appropriate certifications) and business policy in order to safeguard confidentiality and integrity of business information
  • Manage, maintain and regularly review security and compliance regime for ISO 27001 and other appropriate certifications and business policy
  • Co-ordinate day-to-day monitoring, detection, prevention and operation of our security breach process
  • Produce Information Security risk indicators including heat maps / models
  • Organise monthly Information Security Report showing trend analysis and client reports
  • Plan annual management review



Management of Client on-boarding

  • Respond to and support the bid process with regards to Information Security related issues
  • Manage response to Client's Information Security questionnaires
  • Implement Information Security controls for new clients and/or where new services are delivered
  • Coordinate and manage scheduled audits by external auditors or clients



Continuous Improvement

  • Ensure that all measures implemented are reviewed and audited regularly to meet the needs of auditors and ensure compliance
  • Identification of areas of improvement for risk management, recommending and implementing best practice where appropriate



Supplier management

  • Ensure Supplier DDQs are carried out and reviewed for suppliers
  • Support R&C with contract review in relation to InfoSec clauses and requirements

The Successful Applicant



Technical requirements:

  • Professionally qualified to one of CISSP/CISM/CISA with an awareness of applicable data privacy practices and laws
  • Good understanding of the technologies available in order to improve system availability and meet Business Continuity goals
  • ISO27001 / Cyber Essentials + implementation/audit experience
  • Broad ranging consultancy skills (problem solving, change management, influencing, communication, research and data collection and analysis, process mapping, creative thinking, negotiation, etc.)
  • An understanding of project management principles



More generally:

  • Outstanding communication skills
  • Experience working in a multi-site team
  • Ability to present ideas in business-friendly and user-friendly language across multiple geographies
  • Excellent understanding of the firm's goals and objectives
  • Ability to effectively prioritise and execute tasks in a high-pressure environment
  • Keen attention to detail in terms of both tasks and communications
  • Good interpersonal skills and able to interact with people at all levels
  • Able to command respect of highly technical teams and influence at senior levels of the firm

What's on Offer

£60,000 - £70,000 + additional benefits

Contact
Rory Kirkman
Quote job ref
JN-062021-2932715
Phone number
+44 117 906 5140
