Information Security Officer
About the Role
Reporting to the IT Infrastructure Manager, this role is responsible for helping to deliver the security strategy through governance, risk management, alignment to best practice, project/design security assurance and security operations.
The post holder will primarily focus on building the InfoSec materials and processes; working with operational teams and the IT team to develop more secure working practices and embedding new ways of working through policy and procedure development.
Information Security Officer Duties will include:
* Support the IT Infrastructure Manager and Data Compliance Officer with the optimal management, development and support of the Royds Withy King Information Security priorities
* Create and apply privacy by design controls across the firm, ideally system-driven
* Responsible for the firm's Cyber Essentials programme and any future data-related certifications or accreditations
* Produce and maintain documentation of systems and applications
* Produce and maintain asset register
* Escalate incidents, suggesting and implementing initiatives to improve data security
* Ensure routine penetration testing and vulnerability scanning are carried out
* Produce policies and procedures to embed InfoSec across the firm
* Be responsible for the firm's data map with annual review and validation
* Work with the wider IT team on projects as required
Skills & Experience:
* Previous experience of applying Information Security methodologies across an organisation, preferably with in-house IS experience rather than third party
* Knowledge of Penetration Testing methodologies and Vulnerability Management and ability to scope and escalate results to remediation plans
* Hands-on experience with Risk Management Frameworks or best practice Risk Methodology such as IRAM2 or ISO27005 (Desirable)
* Foundational Security Certification such as CISMP (Desirable)
* Positive Attitude to Work- Approaches work with positivity and energy and thrives in a busy environment.
* Effective Communicator- Clearly conveys information and ideas through the relevant media. Speaks in Plain English.
* Self Aware- Recognises personal strengths and weaknesses and uses that knowledge to interact positively with others. Maintains a professional impression.
* Team Player- Actively participates as a member of a team. Develops and maintains relationships with others.
* Resilient- Functions effectively under pressure and handles difficult circumstances in a manner that is acceptable to others and Royds Withy King.
* Open to Change- Receptive to new ways of working with the ability to be flexible in approaching tasks and problems.
We are a progressive UK Top 100 law firm known for our commercial, private client, clinical negligence and personal injury work. We were the winner of the Managing Partners' Forum 'Best Managed Firm' award for 2019.
Our firm has 470 people with offices in Bath, Oxford, London, Swindon and Marlborough.
At Royds Withy King, people come first. Our brand is built around being 'Ahead of the Curve'. By this we mean always trying to put ourselves in our clients' shoes, looking ahead to the future, anticipating their needs and coming up with solutions.
We also pride ourselves on providing a brilliant place to work. We recognise that investing in our people and their career is the only way we can succeed in achieving what is best for our clients. Our friendly, accessible and supportive culture is incredibly important to us and we are continually looking at new ways to nurture and enhance it. Our people tell us that this is a firm with a flat structure, where everyone has a voice and everyone's opinions matter.