Information Security Analyst

Award winning law firm Osborne Clarke are looking for an Information Security Analyst to join their growing Information Security team in either our Bristol or London office.

This is a permanent role offering hybrid working, and we are happy to discuss further flexible working arrangements.

Osborne Clarke

Osborne Clarke is a future-focused international legal practice with over 300 Partners and more than 1,080 talented lawyers in 26 offices around the world*. Our three-dimensional approach to client service combines legal expertise, in-depth understanding of our clients and the sectors they operate in, together with insight into the global issues that are transforming the landscape of how we live, work and do business: Decarbonisation, Digitalisation and Urban Dynamics. Looking around corners to help our clients solve legal and business challenges, big and small, and harness the opportunities of change - together we'll be ready for what's next.

We love working closely with our clients on new deals, products and solutions which will transform their businesses, markets and even sectors. And our unique approachable culture is not an added extra, it's fundamental to our success.

Key responsibilities include:

• Developing, maintaining and publishing ISMS documentation (processes, procedures and guidelines), ensuring overall governance and continual improvement of Information Security controls.
• Maintaining conformance with ISO 27001, including adaptation of the ISMS to meet evolved structure and requirements of ISO 27002:2022, and other applicable standards.
• Helping expand the scope of ISO 27001 certification to include other international entities of the firm, especially with local processes, risks, controls, internal and external audits and management review
• Working with departments and systems across the business to carry out and regularly review Information Security risk assessments and treatment plans.
• Planning and performing periodic internal audits and compliance activities, supporting internal or external security audit processes, defining and implementing any required remediation activities.
• Assisting with investigation and triage of any security incidents or issues reported, including use of monitoring activities, scanning/test tools and results to determine potential weaknesses, threat patterns, and trends.
• Ensuring resolution, root cause analysis and coordination of remediation activities to ensure effective tracking to closure of potential security breaches, attacks or policy violations.
• Help respond to customer requests for Information Security compliance, controls and contractual measures.
• Carry out supplier due diligence, monitoring and regular review of performance, including supplier audits.
• Maintaining and sharing awareness of security industry trends including evaluation of new and emerging security technologies and recommendations to stakeholders

What we're looking for:

The successful candidate will need to have proven experience in a similar role and professional certification in Information Security (e.g. CISSP, CISMP, Lead ISMS Implementer or Auditor). You'll also need to demonstrate the following:

Technical

• Trained as an auditor in ISO management systems, ideally ISO 27001 but relevant others also considered.
• Good awareness of certifications and standards such as ISO 27001, Cyber Essentials (plus), ISO 22301 and/or NIST controls
• Strong interest in cyber security and technology
• Good awareness of IT security measures
• Knowledge of cloud security or services, especially Azure
• Knowledge of Office 365
• Practical and/or theoretical knowledge of security protocols and tools such as ZScaler

General

• Strong interpersonal and communication skills (spoken, written and presentation) able to work with and influence people at all levels
• Broad ranging consultancy skills (problem solving, change management, influencing, communication, research and data collection and analysis, process mapping, creative thinking, negotiation)
• Credible and effective thinker and planner, with good understanding of the firm's goals and objectives
• Good attention to detail in terms of task planning, execution and communication
• Ability to present ideas in business-friendly and user-friendly language across multiple geographies
• Highly organised and outcome focussed
• Proactive in the face of challenges, keen to enjoy work and make an effective contribution
• Able to effectively prioritise and execute tasks within a fast-paced environment

Salary and benefits

We offer competitive salaries and generous benefits.

For more information or to apply

We would very much welcome your application using the link provided. Should you have any questions about the role, or would like to find out more about the firm, please contact Dan Jones in the recruitment team on dan.jones@osborneclarke.com.

No agencies please.

*Services in India are provided by a relationship firm

Please note that although we include closing dates for our roles as a guide, we review and progress applications on a rolling basis.

At Osborne Clarke we value difference and encourage applicants from all social backgrounds, ethnicities, disabilities, gender identities, and sexual or romantic orientations. We want everyone to feel that OC is a place where you can be yourself and where you belong, and our range of interest groups and diversity networks - not to mention our great teams - are a part of making that a reality.

We support working families via a range of family and caring friendly policies and will accommodate flexible working where we can. We value the health and wellbeing of our people: for example, we're signatories to the Mindful Business Charter, have an active network of mental health champions and offer free initiatives and flexible benefits to all our people.

Being an inclusive employer is important to us. We have made a number of external commitments such as the Race Fairness Commitment and Women in Law Pledge, and are working with organisations like Stonewall to become a more inclusive employer.

Osborne Clarke is a Living Wage Employer, so we're committed to paying everybody in our business enough to live on and to enable them to save for the future.

We want you to be able to show us your best during the recruitment process. If you require any adjustments to be made during the application, interview process or when working with us, please let us know.