With nearly 500 staff and 50 partners, this law firm optimises multi-disciplinary teamwork and straightforward, relevant advice. This is further validated by a client base of blue chip organisations in a variety of industries, including manufacturing, retail, corporate finance, technology and media, energy and renewables, public sector, infrastructure and real estate, and private equity.
The role:
HarveyNash have been engaged by a prestigious law firm to source an experienced Cyber Security / IT Security Officer in order to ensure the consistent provision of appropriate security measures proportionate to current security risks.
Responsibilities:
- Work closely with related teams to identify and report on emerging cyber and IT Security risks and trends; author mitigation reports on those risks/trends and manage the agreed mitigation action.
- Communicate all incidents and issues to department heads (IT and Risk) and the board. Coordinate and oversee investigations, identifying key tasks and managing remediations.
- Oversee all Vulnerability testing and patch management as it relates to IT / Cyber security
- SME for both clients and 3rd party suppliers as it relates to information security (ours / theirs), which includes leading client assessment activities regarding remediation and IT controls.
- Organise and oversee all aspects of Pen-testing and the annual Cyber Essentials Plus Recertification, including but not limited to management of remediation tasks identified during the process.
- Work with the BCS Group to forecast and mitigate information security incidents
- Manage the entire IT / Cyber Security policy compliance and ensure internal / regulatory standards are upheld
- Manage internal staff training such that all staff are versed on IT / Cyber security for their role in the organisation
- Support the adoption of ISO27001 and other regulatory frameworks to the highest standards.
Information Security:
- Ensure that all data and client information is dealt with in line with the firm's policies and procedures
- Contribute to developing a culture of cyber security awareness by engaging in firm initiatives
- Ensure all concerns related to information security are reported
- Assist in the achievement of the firm's security objectives published in the information security manual
Experience:
- Experience of technical control practices gained through working in relevant IT roles (IT Operations / Security / Infrastructure)
- Experience overseeing, managing and investigating breaches in cyber security or incidents relating to periphery concerns
- Essential: experience in IT Vulnerability and remediation
- High-level experience of ISO 27001 Info Security Standard and GDPR including how to handle personal or sensitive data.
Skills:
- Pragmatic approach to solving complex problems
- Data analysis and presentation
- Time management and organisation
- Strong English skills both written and verbal
- Highly numerate individual
If the above has piqued your interest and you would like to be considered for the opportunity, please do not hesitate to apply. If you would like further information via a confidential conversation, I can be reached at Junayd.Moughal@HarveyNash.com