Information Security Analyst
Job Description
Job title: Information Security Analyst
Company: Addleshaw Goddard
Job description: Addleshaw Goddard are recruiting an experienced Information Security Analyst, to join the Information Security team within Leeds or Manchester.
With a presence and client base across the UK, Europe, Middle East and Asia, and a prominent position in the UK legal market, Addleshaw Goddard is looking for an Information Security Analyst with a proven history of delivery in a regulated environment.
Reporting to the Information Security Governance Manager, you will be a motivated self-starter, and will engage with a wide range of internal and external stakeholders.
This dynamic, and highly interactive role will plan, manage, and implement information security controls, whilst supporting the firms ISO/IEC:27001 security certification and Cyber Essential Plus.
WHAT TO EXPECT IN THIS ROLE
- Conducting Information Security risk assessments within the Surecloud GRC tool.
- Assist in managing the requirements for the firm to comply with ISO/IEC 27001 Policies and Standards.
- Gap analysis against information security standards.
- Conduct information security audits internally and externally.
- Assist in remediation activities to resolve audit findings.
- Respond to client audit requests and understand the client requirements.
- Conduct security due diligence on new and existing suppliers.
- Assist with incidents, requests and investigations.
- Interpret and write information security policies, standards, and other requirements in light of specific internal information systems, and assists with the implementation of these and other information security requirements.
- Provide special technical guidance to the Information Technology Department staff about the risks and control measures associated with new and emerging information systems technologies.
- Assist with the selection, installation, and adoption of automated tools that enforce or monitor the compliance with information security policies, procedures, standards, and similar information security requirements.
- Establish and maintain adequate audit trails so that sufficient evidence of business activities exists to detect unauthorised usage, to quickly resolve problems, and to otherwise maintain secure and reliable information systems within the Firm.
- Participate in, and act as a security representative in, the Change Advisory Board and the Design Authority Board to carry out information systems risk assessments including those associated with the development of new or significantly enhanced business applications.
- Participates in security incidents such as loss of equipment, unauthorised access and data loss events.
- Participate in allocated projects that involve information security aspects.
- Conduct phishing simulations and training across the business using Microsoft Defender.
- Conduct access control auditing using Azure Privileged Identity Management.
YOUR AREAS OF KNOWLEDGE AND EXPERTISE
This is a critical role, so we are looking to appoint an individual who understands the complexity of Information security within a large, complex and regulated organisation.
Essential skills:
- Ability to work logically to problem solve
- Ability to work independently
- Strong organisational skills enabling effective hybrid working
- An inquisitive mind and ability to apply critical thinking skills
- ISO/IEC 27001 experience
- Experience of using Microsoft 365 E5 security features
- Experience of using a GRC tool
- Risk assessment and/or auditing experience
- Industry qualifications such as CISM (exam qualified), CISSP or other relevant qualifications
Desirable skills:
- ServiceNow experience
- Information Security risk assessment and auditing experience
- Knowledge of GDPR/DPA
- Intune experience
- Experience in third party security auditing
- Experience with cloud security controls
- Knowledge of the legal sector
OUR FIRM
Addleshaw Goddard is a place where you are valued, encouraged, and challenged to fulfil your potential in a supportive and collegiate environment. Our culture of improvement, growth and collaboration delivers results, drives innovation, and rewards ambition.
We not only provide technical excellence and experience but, crucially, demonstrate real insight into our clients and what really matters to them and as such we are natural choice for FTSE100 clients and their equivalents in other markets.
Our success has been built by people from the widest range of backgrounds, locations, and perspectives. We have a number of employee networks that provide space to discuss the differences that make us who we are and celebrate this at AG.
OUR APPROACH: IMAGINE THE BEST YOU CAN BE
Everything we’ve accomplished can be traced back to our people and the way we work. Our reputation is something we are proud of, and constantly invest in.
Here, you’ll do high calibre work, with high-character colleagues who care for one another and our clients.
Are you up for the challenge?
Expected salary:
Location: Manchester – Leeds