6 months ago
Information Risk Officer
Risk and Best Practice
Protecting our infrastructure and records is of vital importance to us. It's a big job - read on to find out how we're doing it and how you can help.
So what's the job?
This job will see you leading the ongoing work to protect our firm from the risks of cybercrime along with data loss and information leakage. It supports our firm's risk framework by taking responsibility for the maintenance of our ISO 27001 certification as well as our other external quality standards. This is an influential position that requires expert knowledge, the ability to engage our people across our 8 offices, problem solving, pragmatism and effective communication skills.
We're looking for someone with a proactive approach to mitigating the risks, as well as being involved in security testing and vetting processes. As well as having technical expertise, you'll need to be a good people person. This role requires you to have practical experience of IT infrastructure and terminology in order to work with IT teams. You'll also work with the wider business on impact assessment, business continuity risks, backup and disaster recovery. Working with IT you'll help ensure the ongoing development and testing of procedures that provide assurance against cyber-attacks and deliver effective security.
This is a permanent job which can be based in either our Newcastle or Bristol office. Both are city centre based and it's hard to say which has the most spectacular view.
What will I actually be doing day to day?
You'll have an oversight of our security continuity plans and risk management activities. You'll drive forward measures to protect the firm and facilitate ongoing education and awareness programmes (this does include a degree of chasing us up to complete the e-learning you sent us). Working with our risk guys, it will be your job to make sure our business continuity arrangements are robust, monitored and remain fit for purpose. You will advise colleagues, provide insight and make recommendations.
Our Data Protection Officer (DPO) needs your support in terms of fielding general queries and dealing with data protection requirements to be able to deal with data access requests. We have a talented bids team who are constantly securing tenders for our firm and they will lean on you for support around client enquiries regarding our security and risk processes.
This is just a snapshot; we have a more comprehensive job description.
Who will I work with?
You'll report directly into our Operational Risk Director who also oversees compliance, internal audit and business assurance. These teams are based across Newcastle, Bristol and Plymouth and all form part of our Risk and Best Practice team which is headed up by one of our Partners. You'll also work closely with our IT Director and his Managers and this is why it's essential that you have the IT knowledge which will enable you to talk on a technical basis. Then there are our Partners, Lawyers, Directors, Managers through to Paralegals, Legal Secretaries and Support teams. It goes without saying that you'll need effective communication skills and the ability to influence, challenge and engage our people at all levels.
Ok so what qualifications and experience do I need?
This is a challenging role so naturally we have a 'wish list' of essential skills. Firstly, a qualification in either CISA, CISSP, CISM, PCI ISA, or ISO27001 lead auditor. As we are a law firm, knowledge of the SRA Code of Conduct rules would be ideal; however, if you don't have this we will guide you through it (there is a really thick book you will need to read!). Previous risk management and audit assurance experience, and a qualification in or good understanding of the Data Protection Act. Lastly, proven experience of working with IT systems and infrastructure.
What makes it great to work here?
We are a leading commercial law firm providing a comprehensive legal service to our clients, who range from FTSE 100 businesses, governmental organisations and privately managed businesses to wealthy individuals.
We've recently been recommended as a top tier law firm across 76 practice areas in the Chambers UK Guide to Law Firms. We've won various awards this year and have an Investors in People accreditation. Our offices are all impressive and looked after by our great Facilities and Guest Services team. We have a catering company who run our onsite delis (I recommend the Mexican) and our forward thinking IT team are always updating our systems. As you'd expect in a firm our size you'll receive a comprehensive benefits package which you can manage personally.
You may have also read our exciting news in the press that we are about to combine with a US firm in the autumn of this year and will become a top twenty UK law firm.
But most of all – it's our people and culture that make it a great place to work.
So you're interested but have some Questions?
If this sounds like a role that you can do then we want to hear from you. Please follow the instructions to make a formal application – just a few contact detail questions and then upload your CV.
If you have questions about the role please do contact me Sara Casey on. (No agencies please). Follow the Recruitment team on Twitter @BondDCareers.