In this role you will supervise and improve the quality and consistency of services provided to your legal team by overseeing as well as administering central group processes and ensuring there are appropriate utilities (i.e. space and equipment) to support the group’s operations. You will also manage the allocation of work and utilisation of administrative support to support client delivery activities.
The individual will work closely with the UK and Australia-based team in the following primary areas of responsibility:
- Primary point of contact for information security issues in our Australia and Asia offices.
- Maintaining information security standards, guidelines, procedures and local exceptions.
- Maintaining and expanding our ISO 27001 certification, in particular:
- Supporting security governance activities.
- Maintaining ISMS tools and documentation.
- Risk assessing new systems and suppliers.
- Preparing new and existing business units for certification.
- Supporting and responding to security audit activities.
- Developing new content and methods for security education and awareness.
- Providing information security advice to the business.
- Responding to client enquiries and monitoring compliance.
- Assisting with day-to-day operational issues and incidents.
- Building lasting and valuable relationships with internal stakeholders, especially IT and fee-earners.
Skills and Experience
- Degree educated (technical degree or similar).
- We would expect the successful candidate to have five or more years' experience in information security but may consider those with less experience providing they can demonstrate they meet the required competencies.
- Strong knowledge of ISO 27001 and certification.
- One or more of the following – MSc in security or similar, CISSP, CISA/CISM, ISO 27001 Lead Auditor.
- Professional Services experience preferable.
- Proven track record with information security projects.
- Ability to identify and analyse complex security risks and controls.
- Working knowledge of a broad range of security standards, control frameworks and good practice.
- Adaptable, diligent and works with initiative.
- Strong relationship builder – internal and external.