Role profile
Osborne Clarke are seeking an experienced Senior Information Security Analyst to join our growing IT department in either our Bristol or London office. This position will play a crucial role in developing and managing the Information Security Framework across the global firm, ensuring alignment with OC policy, industry best practice, the ISO 27001 standard, SRA guidelines, and Client contractual requirements. This is a 12 month fixed-term contract position offering hybrid working. The role The Senior Information Security Analyst will be a key member of the Information Security Team, deputising for the Information Security Manager and promoting collaboration, team working, and innovation. This role will involve leading the delivery of the Information Security Framework, increasing awareness of Information Security Management through training and communications, and supporting the R&C team, COLP, and COFA in managing risk and security. Other key responsibilities include: Information security management framework : Leading the delivery of the Information Security Framework and increasing awareness through training and communications. Supporting R&C team, COLP, and COFA in managing risk and security. Maintaining Information Security risk registers and remediation measures. Maintaining and reviewing the security and compliance regime for ISO 27001. Information security documentation:
Producing risk indicators, monthly reports, and annual management reviews. Client bids, on-boarding and due diligence : Responding to client Information Security questionnaires and completing scheduled audits by external auditors or clients. Continuous improvement:
Regularly reviewing and auditing measures to meet auditor needs and ensure compliance. Identifying and implementing areas for improvement in risk management. Supplier management:
Ensuring Supplier DDQs are carried out and reviewed. Supporting Risk & Compliance with contract reviews regarding InfoSec clauses. Ongoing tasks:
Updating Audit Plan, Risk Assessment, and associated paperwork. Reporting and metrics on ISMS Performance management. Maintaining Information Security Awareness programmes. Coordinating Global Information Security Policy. Managing internal and external audits. Actively managing personal training and development. We are looking for Outstanding communication skills. Experience leading and working in a multi-site, team-oriented environment. Lateral thinker and planner with a keen attention to detail. Honest, hard-working team player with leadership potential. Understanding of the Legal environment and Information Security landscape. Qualified as an ISO27001 Lead Auditor or similar. Professionally qualified to CISSP/CISM/CISA. Understanding of data privacy practices and laws
#J-18808-Ljbffr
Osborne Clarke are seeking an experienced Senior Information Security Analyst to join our growing IT department in either our Bristol or London office. This position will play a crucial role in developing and managing the Information Security Framework across the global firm, ensuring alignment with OC policy, industry best practice, the ISO 27001 standard, SRA guidelines, and Client contractual requirements. This is a 12 month fixed-term contract position offering hybrid working. The role The Senior Information Security Analyst will be a key member of the Information Security Team, deputising for the Information Security Manager and promoting collaboration, team working, and innovation. This role will involve leading the delivery of the Information Security Framework, increasing awareness of Information Security Management through training and communications, and supporting the R&C team, COLP, and COFA in managing risk and security. Other key responsibilities include: Information security management framework : Leading the delivery of the Information Security Framework and increasing awareness through training and communications. Supporting R&C team, COLP, and COFA in managing risk and security. Maintaining Information Security risk registers and remediation measures. Maintaining and reviewing the security and compliance regime for ISO 27001. Information security documentation:
Producing risk indicators, monthly reports, and annual management reviews. Client bids, on-boarding and due diligence : Responding to client Information Security questionnaires and completing scheduled audits by external auditors or clients. Continuous improvement:
Regularly reviewing and auditing measures to meet auditor needs and ensure compliance. Identifying and implementing areas for improvement in risk management. Supplier management:
Ensuring Supplier DDQs are carried out and reviewed. Supporting Risk & Compliance with contract reviews regarding InfoSec clauses. Ongoing tasks:
Updating Audit Plan, Risk Assessment, and associated paperwork. Reporting and metrics on ISMS Performance management. Maintaining Information Security Awareness programmes. Coordinating Global Information Security Policy. Managing internal and external audits. Actively managing personal training and development. We are looking for Outstanding communication skills. Experience leading and working in a multi-site, team-oriented environment. Lateral thinker and planner with a keen attention to detail. Honest, hard-working team player with leadership potential. Understanding of the Legal environment and Information Security landscape. Qualified as an ISO27001 Lead Auditor or similar. Professionally qualified to CISSP/CISM/CISA. Understanding of data privacy practices and laws
#J-18808-Ljbffr
