Information Security Analyst

Job Description
Information Security Analyst - Governance and Compliance
Information Security Analyst - Governance and Compliance - required by 700 user City Law Firm.
Reporting to the Head of InfoSec you will be responsible for supporting the governance, risk and compliance activities of the department, and ensuring security culture and processes are embedded across the firm. The role will include helping the firm maintain ISO270001 accreditation and compliance with other standards.
Other key responsibilities of the Information Security Analyst will include;
Maintaining ISMS related policies and procedures
Development and enhancement of InfoSec Policies, Procedures and relevant standards, and supporting documentation
Responding to client tender requests and client audit processes
Vendor Assurance - reviewing and assessing vendors against established tools/benchmarks
Working to help the firm maintain ISO27001 and PCI certifications
Provide an escalation path for information security issues, incidents and enquiries
Coordinate the production of relevant reports and statistical analysis required for ISMS Management Review
Supporting the training, induction and awareness program for employees
And you:
The ideal candidate for the Information Security Analyst position will have prior experience in an Information Security Governance and Compliance focused position (GRC).
You should have good knowledge of the Client Audit process in place in professional services or legal sector firms
An understanding of the IEC/ISO 27001 framework and experience with ISMS tooling
Experience in supporting and maintaining ISO27001 and Cyber Essentials PLUS aligned solutions
Knowledge of NIST, CISSP and GDPR
Recognised IS qualifications
This is a fantastic opportunity to join a prestigious firm working with best-of-breed technologies.
Information Security Analyst - Governance, Risk, and Compliance (GRC)