Details:
- Salary: £70,000 - 80,000 - Annum
- Location: EC4M Old Bailey Greater London
- Date: 1 month ago
Description:
Information Security Analyst (GRC)
Are you passionate about driving information security to new heights?
We are seeking an Information Security Analyst (GRC) to join a leading law firm in London. In this role, you will implement crucial information security tasks, supporting the Head of Information Security (CISO) navigating two key streams in the organisational structure: Policy & Compliance and Operations.
The role offers hybrid working, 3 days a week in the London office.
Roles and Responsibilities:
* Assess vendor security aligned with ISO27001, NIST, CIS, and Cyber Essentials.
* Manage policy updates, risk tracking, and certification programs.
* Maintain information security tools and reporting activities.
* Support internal and external audits.
* Collaborate for tests, vulnerability uncovering, and audit trail.
* Drive security-by-design and incident management.
Qualifications and Experience:
* CISA, ISO/IEC 27001 Lead Auditor, or Implementer qualification.
* Experience in Audit, Risk programs coordination.
* CISSP, CISM, CISA or ISO certifications advantageous.
* Strong background in information security and risk.
* Proficiency in network testing, firewalls, SIEM, etc.
* Ability to mitigate vulnerabilities, manage patches.
* GRC experience in Infrastructure or Audit roles.
If you are ready to elevate your career in Information Security with a dynamic and forward-thinking firm, we invite you to click 'apply’ now