Information Security Assurance Specialist

Taylor Root Dusseldorf

Greater London

On-site

GBP 60,000 - 85,000

Full time

Yesterday

Job summary

A leading international law firm is seeking an Information Security Assurance Specialist to join its team in London. This new role focuses on strengthening the firm's security posture through governance and assurance rather than daily operations. Responsibilities include supporting architecture reviews and ensuring alignment with InfoSec policies. The ideal candidate will have over 4 years of experience in information security and strong knowledge of ISO 27001. The role offers a strategic view across the firm and emphasizes early engagement with projects.

Qualifications

  • 4+ years’ experience in information security or technical cyber security.
  • Strong knowledge of ISO 27001 and Cyber Essentials Plus.
  • Experience in regulated or private-sector environments.

Responsibilities

  • Support architecture and design reviews.
  • Ensure systems align with InfoSec policies and standards.
  • Help evolve assurance frameworks with new technologies.
  • Support ISO 27001 certification and policy development.

Skills

  • Information security knowledge
  • Understanding of ISO 27001
  • Penetration testing
  • Strong technical understanding

Job description

We are partnering with a prestigious international law firm to hire an Information Security Assurance Specialist to join its Information Security and Privacy team within the wider Legal, Risk, and Compliance function, based in London.

This is a newly created role reporting to the Information Security Manager, focused on strengthening the firm’s security posture. The role sits firmly in the second line of defence, with an emphasis on governance, policy, and assurance rather than day‑to‑day operations.

The core focus is security assurance testing, particularly penetration testing. You will ensure testing is appropriately scoped, meaningful, and followed through to resolution. You will also embed security assurance into IT projects and change initiatives by defining security requirements, reviewing designs, and working with technical teams to mitigate security risks arising from change.

A key aspect of the role is early engagement with projects. You’ll partner with architects, business analysts, and DevOps teams to challenge designs and influence security outcomes from the outset. The role requires strong technical understanding, without hands‑on engineering.

Key Responsibilities
  • Supporting architecture and design reviews
  • Ensuring systems align with InfoSec policies and standards
  • Helping evolve assurance frameworks as new technologies are adopted
  • Supporting ISO 27001 certification and policy development

This is a strategic role with a broad, firm‑wide view rather than ownership of a single product or platform.

Required Experience
  • 4+ years’ experience in information security or technical cyber security
  • Strong knowledge of ISO 27001 and Cyber Essentials Plus (auditor or implementer experience desirable)
  • Experience in regulated or private‑sector environments (law firm experience advantageous; FS/banking backgrounds welcome)
  • Understanding of Lines of Defence models and second‑line assurance roles

Please note that our advertisements use PQE/salary levels purely as a guide. However, we are happy to consider applications from all candidates who are able to demonstrate the skills necessary to fulfil the role.

Please note that your personal information will be treated in accordance with our Privacy Policy.
