Information Security Analyst

Full Job Description

Information Security Analyst - Governance and Compliance

Information Security Analyst - Governance and Compliance - required by 700 user City Law Firm.

Reporting to the Head of InfoSec you will be responsible for supporting the governance, risk and compliance activities of the department, and ensuring security culture and processes are embedded across the firm. The role will include helping the firm maintain ISO270001 accreditation and compliance with other standards.

Other key responsibilities of the Information Security Analyst will include;

• Maintaining ISMS related policies and procedures
• Development and enhancement of InfoSec Policies, Procedures and relevant standards, and supporting documentation
• Responding to client tender requests and client audit processes
• Vendor Assurance - reviewing and assessing vendors against established tools/benchmarks
• Working to help the firm maintain ISO27001 and PCI certifications
• Provide an escalation path for information security issues, incidents and enquiries
• Coordinate the production of relevant reports and statistical analysis required for ISMS Management Review
• Supporting the training, induction and awareness program for employees

And you:

• The ideal candidate for the Information Security Analyst position will have prior experience in an Information Security Governance and Compliance focused position (GRC).
• You should have good knowledge of the Client Audit process in place in professional services or legal sector firms
• An understanding of the IEC/ISO 27001 framework and experience with ISMS tooling
• Experience in supporting and maintaining ISO27001 and Cyber Essentials PLUS aligned solutions
• Knowledge of NIST, CISSP and GDPR
• Recognised IS qualifications

This is a fantastic opportunity to join a prestigious firm working with best-of-breed technologies.

Information Security Analyst - Governance, Risk, and Compliance (GRC)