Cyber Security Analyst

Job Description

Are you an experienced IT information/ cyber security analyst looking for an opportunity with a global law firm that will provide a fulfilling careerAre you looking for a role that incorporates client auditing, bid requests and ISO27001 standards to drive a security conscious cultureDo you want a role where you will be encouraged to promote and develop understanding of cyber security within a globally recognized companyIf you answered yes to any of the above, then we have the perfect role for you. So get in touch!Our client is a globally recognized law firm that has established an exceptionally equipped information security function that takes a proactive role in driving the safety of the business forward. They are looking for a Governance and Compliance Analyst tojoin the team to assist primarily with client audits and bid requests as well as 3rd party vendor on boarding. The role is based in the companies tech hub based in Newcastle upon Tyne and will entail hybrid working with a competitive salary.Required Experience & Skills:

• Education - an IT or Information Security qualification or 3+ years experience in a similar role.
• ISO 27001 qualification and / or experience.
• An understanding of the role of client bids and audits in business development and the effective management of third-party risk.
• Experience in the development and maintenance of Information Security policies.
• Experience with policy assurance, including audit activities.
• Familiarity working in large, matrix and geographically dispersed global organisations where IT and Information Security have played a key role to the business.
• Stakeholder management skills, including the ability to communicate complex Information Security concepts in business language.
• Passionate and driven to exceed expectations and to deliver with integrity.
• Effective third-party supplier management skills are desirable but not essential.

Role Responsibilities:

• Providing support for client bids and client audits. This involves assisting with the co-ordination of completing questionnaires received from clients, often to tight deadlines.
• Planning, co-ordination and oversight of internal and external audit programmes.
• Developing relevant and engaging Information Security communication material.
• Design, execution and analysis of phishing simulation campaigns for all employees and targeted high-risk users.
• Pursuing opportunities to increase awareness of Cyber security risks and issues throughout the Firm. Including, but not limited to, the delivery of a mandatory annual Information Security e-learning.
• Liaising with regional communications teams to contextualise and disseminate communication materials.
• Internal policy maintenance, including regular review.
• Policy exception management. This includes assessing and responding to exception requests and ensuing that existing exceptions are reviewed regularly.
• Assuring that all functions globally are compliant with Information Security-related policies. Policy compliance assurance can be undertaken via multiple methods e.g. self-assessment, sampling / full audits and is primarily carried out by a third partypartner.
• Escalating appropriately, where policy compliance is not in place and tracking any remediation actions to completion.
• Undertake other reasonable duties as requested by the Information Security Manager.

Salary: Upto £40,000 plus fantastic benefits