Senior Information Security Compliance Specialist

Job Description

Senior Information Security Compliance Specialist

Are you eager to take your Information Security expertise to the next level? Join our Global Information Security team as a Senior Information Security Compliance Specialist, based at our Belfast office! If you have experience in Information Security or IT audit roles and are ready for an opportunity to advance your IT career, this role could be perfect for you, offering a platform for growth and professional development.

Click apply below to submit your application today, or contact me for more information at Janet.Walsh@aoshearman.com

Global Information Security

Information Security is charged with the ongoing protection of the valuable information the firm holds and processes. This includes responsibility for cyber security, the protection of digital services and support to various internal stakeholders requiring information to manage our client relationship.

What you will do

As a Senior Information Security Compliance Specialist you will support the client audit and compliance teams who require detailed information relating to the firm's cyber controls, policies and processes that secure our client data. This role provides a link between client audit and compliance and the wider IT team, and supports the external accreditation processes for ISO-27001 and SOC2.

This role will also involve:

1. Delivering IT and Information Security risk management and compliance activities, advising business and IT functions on good practice across the Information Security risk management lifecycle.
2. Managing the completion of client compliance enquires/questionnaires relating to information security, coordinating with stakeholders across risk, business and IT teams.
3. Supporting Information Security compliance activities associated with ISO27001 and SOC2, including scoping; coordinating external security certification and surveillance audits; preparing compliance documentation; managing evidence to support on-site/remote audits, and acting as the liaison with business teams.
4. Acting as a liaison between internal audit and the broader IT and information security teams and tracking internal audit findings through to completion.
5. Updating the IT and information security risk register, ensuring risks are complete, owned and tracked through to remediation.
6. Maintaining the suite of IT and Information policies for the organisation, including coordinating the annual review cycles.
7. Supporting with reporting against defined key performance indicators ('KPI's) for Information Security risk management and compliance.
8. Providing input to the security operations team in responding to organisational Information Security risk related queries.
9. Advocating for information security across the organisation, driving an evolved culture of risk awareness and mitigation.
10. Advising on the design of new Information Security controls in response to risks identified.
11. Conducting Information Security risk assessments including in response to new products, change programmes, and emerging risks.

About you

We are looking for a candidate with a strong understanding of information security risk management and controls, aligned with standard security frameworks such as ISO27001, SOC2, and NIST. The ideal candidate will be capable of delivering risk assessments, managing risks, designing controls, and ensuring controls assurance.

Excellent communication skills and the ability to collaborate effectively with colleagues across the business are also essential for implementing leading security risk practices.

The successful candidate will demonstrate initiative and the ability to work independently, providing information security risk and control advice to the business. They should be able to translate technical security concepts and issues into business risks that can be easily understood by non-technical colleagues.

A security qualification such as CISM, CISSP, CISA or equivalent is desired but not essential. Previous experience within a professional services organization or legal firm would be advantageous.

What we can offer you

At A&O Shearman, we recognise that our people are our most valuable asset, which is reflected in the wide range of benefits that are available to our employees. Some of these benefits include: our occupational pension scheme, group income protection cover, mental health resources and free apps, health and wellbeing services including GP service, emergency back-up care support, parental and special leave, online discounts and lifestyle management services.

Should you require additional support at any stage of the recruitment process due to a disability or a health condition, please do not hesitate to contact a member of our recruitment team who will work with you to provide any adjustments as required.

We are an equal opportunities recruiter and do not discriminate on the basis of race, colour, sex, religion, sexual orientation, national origin, disability, or any other protected characteristic.

We recognise the value of flexible working and embrace hybrid working, allowing our people to work from home up to 40% of their working time. We do however remain committed to working together in person for the remaining 60% of time so that we can learn, grow and succeed together.

About A&O Shearman

A&O Shearman is a global industry-leading law firm, with 50 offices in 29 countries worldwide. We work on some of the most challenging and important deals and have built a reputation for delivering exceptional legal solutions that have the potential to shape the future.

Our business teams work hand-in-hand with our lawyers, consultants and other specialist teams, and are ambitious, driven and leaders in their field. The legal industry is changing, and we're committed to leading that change by putting our people first, embracing new ways of thinking and integrating technology into our everyday work.

With us, you will constantly be learning and growing. We invest in you by offering exceptional professional and personal development - providing training, mentoring and practical support. We offer rewarding careers that are built around your strengths and designed to ensure you can achieve your personal and professional goals, recognising that those may look different for everyone.

We have a powerful commitment to diversity, equity and inclusion. We're determined to play our part in advancing a workplace where progress is made by harnessing our differences - whatever defines you, we ask you to bring your whole self to work.

Please note this role is based in the A&O Shearman Belfast office, with an onsite presence required in line with our hybrid working policy.