Information Security Manager - CISSP, CISSM, ISO27001, GDPR
Our mid-sized law firm client are currently looking to take on a new Information Security Manager (CISSP, CISSM, ISO27001, GDPR) on a permanent basis. Our client are a growing and ambitious law firm who are able to compete with some of the global powerhouses of the legal world, this new Information Security Manager (CISSP, CISSM, ISO27001, GDPR) is looking to be recruited for ASAP and will hopefully hit the ground running.
This role will be assisting in the modernisation and revamp of the entire technology department and will be a fantastic chance to work autonomously with chances to grow and improve the IT Security function. The environment is purely SaaS and very modern with a class leading technology setup.
to be considered for this Information Security Manager (CISSP, CISSM, ISO27001, GDPR) role, it's ideal that you have.
- 3-5 Years within IT Security Management
- Strong knowledge of ISO27001 and accreditation to back it.
- Thorough knowledge of GDPR
- Further IT Security accrediations such as CISSP/CISSM etc.
- Strong experience of stakeholder engagement
Main Duties
- Line management of the Information Security Analyst
- Oversees 3rd party service providers for 1st line cyber security incident and response, ensuring service levels and operational standards are met
- Identifies and monitors environmental and market trends and pro-actively assesses impact on business strategies, benefits and risks
- Leads the provision of authoritative advice and guidance on the requirements for security controls
- Reviews Information Security policy, standards and guidelines
- Ensures architectural principles are applied during design to reduce risk and drives adoption and adherence to policy, standards and guidelines
- Maintains and manages the Security Incident Response plans and affected processes
- Responsibility for oversight of Information Security initiatives, including client security questions, audit action points, phishing tests etc.
- Delivers projects in collaboration with other IT Team members to further improve the security posture of the firm