Information Security Analyst
Posted a month ago
- London, Greater London
- Any
- External
- Expires In 2 months
The role of the Information Security Analyst is committed to
maintaining the highest level of data security and protecting our
systems from threats. As part of our ongoing efforts to enhance our
information security posture, we are seeking a skilled and motivated
Information Security Analyst to join our team.
Osborne Clarke
Osborne Clarke is a future-focused international legal practice with
over 300 Partners and more than 1,080 talented lawyers in 26 offices
around the world*. Our three-dimensional approach to client service
combines legal expertise, in-depth understanding of our clients and
the sectors they operate in, together with insight into the global
issues that are transforming the landscape of how we live, work and do
business: Decarbonisation, Digitalisation and Urban Dynamics. Looking
around corners to help our clients solve legal and business
challenges, big and small, and harness the opportunities of change -
together we'll be ready for what's next.
We love working closely with our clients on new deals, products and
solutions which will transform their businesses, markets and even
sectors. And our unique approachable culture is not an added extra,
it's fundamental to our success.
Job description:
As an Information Security Analyst, you will play a crucial role in
safeguarding our organisation's assets from potential threats. You
will be responsible for raising awareness with colleagues, assessing
risks, implementing controls, and ensuring compliance with industry
standards and best practices.
Key responsibilities include:
Developing, maintaining and publishing ISMS documentation
(processes, procedures and guidelines), ensuring overall governance
and continual improvement of information security controls.
Maintaining conformance with ISO 27001, including adaptation of
the ISMS to meet evolved structure and requirements of ISO
27002:#####, and other applicable standards.
Helping expand the scope of ISO 27001 certification to include
other international entities of the firm, especially with local
processes, risks, controls, internal and external audits and
management review
Stay up to date with the latest trends, technologies, and
regulatory requirements. Maintain and share awareness of security
industry trends including evaluation of new and emerging security
technologies and make recommendations to stakeholders
Continuing to enhance the firms security culture through awareness
programmes and training
Working with departments and systems across the business to
conduct security risk assessments and carry out treatment plans.
Planning and performing periodic internal audits and compliance
activities, supporting internal or external security audit
processes, defining and implementing any required remediation activities.
Assisting with investigation and triage of any security incidents
or issues reported, including use of monitoring activities,
scanning/test tools and results to determine potential weaknesses,
threat patterns, and trends.
Ensuring resolution, root cause analysis and coordination of
remediation activities to ensure effective tracking to closure of
potential security breaches, attacks or policy violations.
Help respond to customer requests for information security
compliance, controls and contractual measures.
Prepare and present reports on security incidents, risks, and
mitigation strategies to management and stakeholders.
Carry out supplier due diligence, monitoring and regular review of
performance, including supplier audits.
What we're looking for:
The successful candidate will need to have proven experience in a
similar role and professional certification in Information Security
(e.g. CISSP, CISMP, Lead ISMS Implementer or Auditor). You'll also
need to demonstrate the following:
General
Strong interpersonal and communication skills (spoken, written and
presentation) able to work with, influence and educate people at all levels
Broad ranging consultancy skills (problem solving, change
management, influencing, communication, research and data collection
and analysis, process mapping, creative thinking, negotiation)
Credible and effective thinker and planner, with good
understanding of the firm's goals and objectives
Excellent attention to detail in terms of task planning, execution
and communication
Ability to present ideas in business-friendly and user-friendly
language across multiple geographies
Highly organised and outcome focussed
Proactive in the face of challenges, keen to enjoy work and make
an effective contribution
Able to effectively prioritise and execute tasks within a
fast-paced environment
Excellent analytical and problem solving skills.
Strong communication and collaboration abilities.
Technical
Trained as an auditor in ISO management systems, ideally ISO 27001
but relevant others also considered.
Strong knowledge of certifications and standards such as ISO
27001, Cyber Essentials (plus), ISO 22301 and/or NIST controls
Good awareness of IT security measures, best practices and
industry standards.
Experience with incident response procedures and tools.
Good understanding of cyber security and technology
Knowledge of cloud security or services, especially Azure
Knowledge of Office 365
Practical and/or theoretical knowledge of security protocols and
tools such as ZScaler
Salary and benefits
We offer competitive salaries and generous
benefits
For more information or to apply
We would very much welcome your application using the link provided.
Should you have any questions about the role, or would like to find
out more about the firm, please contact Dan Jones or Tim Jenkins at
##### /
#####
At Osborne Clarke we value
difference and encourage applicants from all social backgrounds,
ethnicities, disabilities, gender identities, and sexual or romantic
orientations. We want everyone to feel that OC is a place where you
can be yourself and where you belong, and our range of interest groups
and
diversity networks - not
to mention our great teams - are a part of making that a reality.
Being an
inclusive employer is
important to us and we are committed to ensuring every applicant's
recruitment experience is free from unnecessary barriers. We have made
a number of external commitments such as the Race Fairness Commitment
and Women in Law Pledge, and are working with organisations like
Stonewall to become a more inclusive employer. We want you to be able
to show us your best during the recruitment process. If you require
any
adjustments to be made during
the application, interview process or when working with us, please let
us know.
We support working families via a range of family and caring friendly
policies and will accommodate flexible working where we can. We value
the health and wellbeing of our people: for example, we're signatories
to the Mindful Business Charter, have an active network of mental
health champions and offer
free initiatives and flexible
benefits to all our people.
Although we include closing dates for our roles as a guide, we review
and progress applications on a rolling basis.
*Services in India are provided by a relationship firm
#J-18808-Ljbffr
maintaining the highest level of data security and protecting our
systems from threats. As part of our ongoing efforts to enhance our
information security posture, we are seeking a skilled and motivated
Information Security Analyst to join our team.
Osborne Clarke
Osborne Clarke is a future-focused international legal practice with
over 300 Partners and more than 1,080 talented lawyers in 26 offices
around the world*. Our three-dimensional approach to client service
combines legal expertise, in-depth understanding of our clients and
the sectors they operate in, together with insight into the global
issues that are transforming the landscape of how we live, work and do
business: Decarbonisation, Digitalisation and Urban Dynamics. Looking
around corners to help our clients solve legal and business
challenges, big and small, and harness the opportunities of change -
together we'll be ready for what's next.
We love working closely with our clients on new deals, products and
solutions which will transform their businesses, markets and even
sectors. And our unique approachable culture is not an added extra,
it's fundamental to our success.
Job description:
As an Information Security Analyst, you will play a crucial role in
safeguarding our organisation's assets from potential threats. You
will be responsible for raising awareness with colleagues, assessing
risks, implementing controls, and ensuring compliance with industry
standards and best practices.
Key responsibilities include:
Developing, maintaining and publishing ISMS documentation
(processes, procedures and guidelines), ensuring overall governance
and continual improvement of information security controls.
Maintaining conformance with ISO 27001, including adaptation of
the ISMS to meet evolved structure and requirements of ISO
27002:#####, and other applicable standards.
Helping expand the scope of ISO 27001 certification to include
other international entities of the firm, especially with local
processes, risks, controls, internal and external audits and
management review
Stay up to date with the latest trends, technologies, and
regulatory requirements. Maintain and share awareness of security
industry trends including evaluation of new and emerging security
technologies and make recommendations to stakeholders
Continuing to enhance the firms security culture through awareness
programmes and training
Working with departments and systems across the business to
conduct security risk assessments and carry out treatment plans.
Planning and performing periodic internal audits and compliance
activities, supporting internal or external security audit
processes, defining and implementing any required remediation activities.
Assisting with investigation and triage of any security incidents
or issues reported, including use of monitoring activities,
scanning/test tools and results to determine potential weaknesses,
threat patterns, and trends.
Ensuring resolution, root cause analysis and coordination of
remediation activities to ensure effective tracking to closure of
potential security breaches, attacks or policy violations.
Help respond to customer requests for information security
compliance, controls and contractual measures.
Prepare and present reports on security incidents, risks, and
mitigation strategies to management and stakeholders.
Carry out supplier due diligence, monitoring and regular review of
performance, including supplier audits.
What we're looking for:
The successful candidate will need to have proven experience in a
similar role and professional certification in Information Security
(e.g. CISSP, CISMP, Lead ISMS Implementer or Auditor). You'll also
need to demonstrate the following:
General
Strong interpersonal and communication skills (spoken, written and
presentation) able to work with, influence and educate people at all levels
Broad ranging consultancy skills (problem solving, change
management, influencing, communication, research and data collection
and analysis, process mapping, creative thinking, negotiation)
Credible and effective thinker and planner, with good
understanding of the firm's goals and objectives
Excellent attention to detail in terms of task planning, execution
and communication
Ability to present ideas in business-friendly and user-friendly
language across multiple geographies
Highly organised and outcome focussed
Proactive in the face of challenges, keen to enjoy work and make
an effective contribution
Able to effectively prioritise and execute tasks within a
fast-paced environment
Excellent analytical and problem solving skills.
Strong communication and collaboration abilities.
Technical
Trained as an auditor in ISO management systems, ideally ISO 27001
but relevant others also considered.
Strong knowledge of certifications and standards such as ISO
27001, Cyber Essentials (plus), ISO 22301 and/or NIST controls
Good awareness of IT security measures, best practices and
industry standards.
Experience with incident response procedures and tools.
Good understanding of cyber security and technology
Knowledge of cloud security or services, especially Azure
Knowledge of Office 365
Practical and/or theoretical knowledge of security protocols and
tools such as ZScaler
Salary and benefits
We offer competitive salaries and generous
benefits
For more information or to apply
We would very much welcome your application using the link provided.
Should you have any questions about the role, or would like to find
out more about the firm, please contact Dan Jones or Tim Jenkins at
##### /
#####
At Osborne Clarke we value
difference and encourage applicants from all social backgrounds,
ethnicities, disabilities, gender identities, and sexual or romantic
orientations. We want everyone to feel that OC is a place where you
can be yourself and where you belong, and our range of interest groups
and
diversity networks - not
to mention our great teams - are a part of making that a reality.
Being an
inclusive employer is
important to us and we are committed to ensuring every applicant's
recruitment experience is free from unnecessary barriers. We have made
a number of external commitments such as the Race Fairness Commitment
and Women in Law Pledge, and are working with organisations like
Stonewall to become a more inclusive employer. We want you to be able
to show us your best during the recruitment process. If you require
any
adjustments to be made during
the application, interview process or when working with us, please let
us know.
We support working families via a range of family and caring friendly
policies and will accommodate flexible working where we can. We value
the health and wellbeing of our people: for example, we're signatories
to the Mindful Business Charter, have an active network of mental
health champions and offer
free initiatives and flexible
benefits to all our people.
Although we include closing dates for our roles as a guide, we review
and progress applications on a rolling basis.
*Services in India are provided by a relationship firm
#J-18808-Ljbffr
.webp "Apply4U | Sign Up")
.webp "Apply4U | Contact Us")
.webp "Apply4U | Sign up")
