IS Compliance Manager

An exciting opportunity has arisen for an IS Compliance Manager to join the team reporting into the Head of Risk. This role will manage assigned compliance program(s) and related activities for the firm and/

The risk & ethics directorate (R&E) is responsible for all areas of compliance and risk management for Shoosmiths including developing firmwide policies and procedures to ensure compliance with all legal and regulatory compliance requirements.

Shoosmiths is the law firm clients choose for excellent service.

We have an outstanding benefits package to complement our competitive remuneration system. In addition to the competitive salaries.

To discover more about our benefits.

• Provide IT compliance guidance and recommendations across the firm
• Maintain and improve appropriate documentation
• Act as principal respondent for client audits.
• Proactively explore control deficiencies associated with IT systems and processes throughout the firm.
• Ensure internal controls and regulatory compliance across IS
• Promote and implement solutions that reduce the total cost of internal controls compliance.
• Develop and Manage security awareness and training initiatives to promote the success of company-wide IS compliance.
• Responsible for responding to Client information security audits
• Establish and maintain internal and external contacts to position and leverage industry best practices.
• Assist with the ongoing development of the firm's AI Policy acting as a contact point for queries related to AI and our overall strategy as part of a secure IS security posture.
• Own and manage the BCP process.
• Develop Portfolio and Compliance Programs and control plans.
• Conduct internal compliance assessments.
• Document findings and develop remediation plans.
• Manage internal and customer-facing IT compliance initiatives.

This job description encompasses the main duties expected of the role but the successful candidate may be involved in all areas of risk management from time to time according to the needs of the directorate.

Educated to degree level

• Experience of working in regulated commercial environments.
• Solid knowledge of ISO 27001 and cyber essentials+ accreditation requirements and previous implementation experience.
• Excellent documentation skills using process mapping tools such as Visio
• Excellent verbal and written communications skills with ability to communicate with all levels of technical and business resources
• General IT technical knowledge covering Operating Systems

• Previous experience of working in the professional services sector.

Due to the nature of the work undertaken

Our approach to our people is underpinned by our approach to diversity, inclusion and well-being. Our ambition is to build a diverse and ambitious workforce that reflects all backgrounds and talents, and a workplace that is supportive and inclusive, recognises and nurtures talent, and has a strong sense of community between colleagues.

This means that everyone who either applies to or works for the firm is treated equally, whatever their gender, age, ethnic origin, nationality, marital status, disability, sexual orientation or religious beliefs.