Information Security Officer - Risk and Audit

Information Security Officer - Risk and Audit

Permanent - 38k - 42k

Location - Hybrid based out of either Taunton or Bristol

Sponsorship and short-term visa applicants cannot be considered. Sorry!

Your new company

A leading law firm with numerous offices across the UK, who have numerous initiatives and projects in place to improve the positive impact the business has on environmental, social and governance.

Your new role

You will be reporting to the Head of Information Security and Data Protection. You will be responsible for a number of important functions within the Information Security and Data Protection Team, including:

• Conducting internal ISO27001 audits, with a focus on Information Security, IT, and technology.
• Assisting with conducting risk assessments and due diligence checks for projects, new technology and suppliers.
• Conducting meetings with risk and project owners to ensure risks and audit outcomes are managed to completion.
• Promoting discussion on potential solutions for information security improvements.
• Helping to improve information security awareness throughout the firm through training and practical advice.
• Assisting the Infosec and Data Protection team in monitoring changes in the risk landscape through learning and knowledge sharing.
• Keeping audit, risk and procedural documentation up to date.
• Due to being a part of a small team, you will need flexibility in being able to administrate infosec incidents and assist with other IS/DP projects.

What you'll need to succeed

You will have an IT-based information security experience and an understanding of data privacy. Ideally, you will also have

• ISO27001 audit experience and/or experience in IT risk assessments or supplier due diligence.
• Strong stakeholder engagement skills.
• The ability to work re- and proactively when it comes to information security risks.
• Strong verbal and written communication skills.

What you'll get in return

• Salary of 38k-40k
• Flexible working
• 'Mainly remote' role - once a month(ish) team meet ups, and ability to be on site should there be a major breach or incident.

What you need to do now

If you're interested in this role, click 'apply now' to forward an up-to-date copy of your CV, or call us now.
If this job isn't quite right for you, but you are looking for a new position, please contact us for a confidential discussion about your career.

Hays Specialist Recruitment Limited acts as an employment agency for permanent recruitment and employment business for the supply of temporary workers. By applying for this job you accept the T&C's, Privacy Policy and Disclaimers which can be found at (url removed)