Security Compliance Manager

Keen to become part of a truly global collaborative team of professionals Your journey begins here.

Security Compliance Manager

Information Security

London

Head of Information Risk

35 hours per week 9 : 30am to 5 : 30pm but additional hours may be required. We are happy to consider agile and flexible working patterns.

Our approach to hybrid working allows for up to 40% of time working from home and 60% working in the office please contact a member of the recruitment team to discuss further.

Hogan Lovells is one of the leading global law firms. Our distinctive market position is founded on our exceptional breadth of our practice on deep industry knowledge and on our one team global approach. Formed through the combination of two top international law firms Hogan Lovells has over 40 offices in the Americas Asia-Pacific Europe the Middle East and Africa.

With a presence in the worlds major financial and commercial markets we are well placed to provide excellent business-oriented advice to our clients locally and internationally. Our people are the key to our success which is why we seek to recruit and retain the most talented individuals in all regions of our global practice.

The department is responsible for the use of Information Technology computer systems and electronic communications throughout the firm and where appropriate to its clients.

Hogan Lovells is seeking an experienced Security Compliance Manager who will be responsible for coordinating and responding to external and internal security and compliance audit activities while managing the firms ISO 27001 ISMS. They will represent the firms security program to clients manage ISO 27001 audits and will also be responsible for managing security assessments and audits of key partners.

• Serve as the primary liaison between the firm and its clients for IT and security-centric inquiries.
• Maintain the firms ISO 27001 ISMS and associated deliverables.
• Coordinate and maintain internal and external security assessment schedule.
• Manage security assessments as required by the firms clients and certification agencies.
• Manage security and compliance deliverables across multiple teams.
• Collaborate with internal and external stakeholders on controls and gap remediation.
• Maintain appropriate documentation and records in order to meet compliance requirements.
• Clearly explain our Security and Compliance program to clients and other third parties.
• Provide responses to customer security questionnaires and RFPs detailing firm capabilities.
• Develop recommendations to correct control deficiencies and provide ideas for process improvements.

International travel may be required.

Specific duties or responsibilities may be reviewed from time to time to reflect changes in personnel and management structure staff location or services.

All members of the firm participate in our Responsible Business program.

• ISO 27001 Lead Auditor and / or extensive experience in working with ISO 27001 and related standards.
• Working knowledge of ISO 27001 and Cyber Essentials Plus requirements and controls.
• 5 years of IT and Security audits or assessments or related experience.
• Conceptual understanding of security best practices and solutions.

• Possess a sufficient understanding of technical concepts including systems networks and security architecture best practices in order to effectively evaluate risk and assess the effectiveness of controls
• Knowledge of industry compliance standards including ISO27001.
• Demonstrated written and oral communication skills and ability to communicate with all levels of management.
• Ability to interact effectively with and influence internal and external customers.
• Keen attention to detail and accuracy in order to analyse and finalise documents.
• Ability to build relationships and work cross-functionally with internal and external constituents.
• Broad knowledge of risk management vulnerability management and third party risk.
• Familiarity with control design execution and monitoring policies and procedures.

Our goal is to embed flexibility across our business by giving everyone the opportunity to work in an agile way whether as a regular pattern or on an ad hoc basis and we will be happy to discuss this further.

It is the policy of Hogan Lovells to provide equal opportunities for all employees in relation to recruitment training and promotion. Decisions in these areas will be made only by reference to the requirements of the job and shall not be influenced by any consideration of racial or ethnic origin religion sex gender and gender identity age sexual orientation marital and civil partnership status pregnancy or disability.

Manager

Abinitio,Apprentice,Dermatology,Cost Estimation,Data Networking,Liaison

Full-Time

years

1