Find a job 
Featured Companies 
Featured Universities 
For Companies At a Glance
- Tasks: Support governance, lead audits, and enhance security resilience in a dynamic law firm.
- Company: Join a forward-thinking law firm on a major cyber transformation journey.
- Benefits: Enjoy hybrid working, competitive salary, and strong UK benefits.
- Why this job: Be part of a crucial cyber initiative with opportunities for growth and impact.
- Qualifications: Experience in information security, knowledge of ISO 27001, and strong communication skills required.
- Other info: Certifications like CISMP or CISSP are a plus; work in a collaborative environment.
The predicted salary is between 44000 - 52000 £ per year.
Hybrid (London, 3 Days Onsite + Flexible Working) | £55,000–£65,000 + Strong UK Benefits | Strategic Cyber Investment
Be part of a forward-thinking law firm undergoing a major cyber transformation. As an Information Security Analyst, you’ll support governance, lead audits, and build security resilience across multiple jurisdictions.
What You’ll Be Doing
- Maintain and improve the ISMS, including policies, procedures, and guidelines
- Ensure ongoing ISO 27001:2022 alignment across UK and international offices
- Conduct internal audits, lead remediation efforts, and support third-party reviews
- Run supplier due diligence and respond to client risk assessments
- Investigate and escalate incidents, contributing to ongoing threat awareness
- Deliver awareness training and drive adoption of secure behaviours
What You’ll Bring
- Experience in information security or compliance-based roles
- Knowledge of ISO 27001, Cyber Essentials, NIST or similar frameworks
- Ability to communicate and collaborate across business functions
- Comfortable working in cloud and Microsoft 365 environments
- Certifications like CISMP, CISSP or ISO 27001 Lead Auditor are a bonus
InfoSec Analyst employer: Locke and McCloud
Contact Detail:
Locke and McCloud Recruiting Team
StudySmarter Expert Advice 🤫
We think this is how you could land InfoSec Analyst
✨Tip Number 1
Familiarise yourself with ISO 27001:2022 and other relevant frameworks. Understanding these standards will not only help you in interviews but also demonstrate your commitment to the role and its requirements.
✨Tip Number 2
Network with professionals in the information security field, especially those who work in law firms or similar environments. Engaging with them can provide insights into the specific challenges they face and how you can position yourself as a solution.
✨Tip Number 3
Stay updated on the latest trends and threats in cybersecurity. Being knowledgeable about current events and emerging risks will allow you to speak confidently about how you can contribute to the firm's security resilience.
✨Tip Number 4
Prepare to discuss your experience with audits and compliance in detail. Be ready to share specific examples of how you've led remediation efforts or improved security policies in previous roles, as this will showcase your hands-on expertise.
We think you need these skills to ace InfoSec Analyst
Some tips for your application 🫡
Tailor Your CV: Make sure your CV highlights relevant experience in information security and compliance roles. Emphasise your knowledge of ISO 27001 and any certifications you hold, such as CISMP or CISSP.
Craft a Compelling Cover Letter: Write a cover letter that specifically addresses the job description. Mention your experience with ISMS, internal audits, and your ability to communicate across business functions. Show enthusiasm for the company's cyber transformation.
Highlight Relevant Skills: In your application, clearly outline your skills related to governance, incident investigation, and supplier due diligence. Use specific examples to demonstrate how you've contributed to security resilience in previous roles.
Proofread Your Application: Before submitting, carefully proofread your application for any spelling or grammatical errors. A polished application reflects your attention to detail, which is crucial in the field of information security.
How to prepare for a job interview at Locke and McCloud
✨Know Your Frameworks
Make sure you have a solid understanding of ISO 27001, Cyber Essentials, and NIST. Be prepared to discuss how you've applied these frameworks in your previous roles, as this will show your expertise and relevance to the position.
✨Demonstrate Incident Response Skills
Be ready to share specific examples of how you've investigated and escalated security incidents in the past. Highlight your problem-solving skills and ability to contribute to ongoing threat awareness, as this is crucial for the role.
✨Showcase Your Communication Skills
Since the role involves collaboration across various business functions, practice articulating complex security concepts in simple terms. This will demonstrate your ability to communicate effectively with non-technical stakeholders.
✨Prepare for Scenario-Based Questions
Expect scenario-based questions that assess your decision-making and prioritisation skills in real-world situations. Think about how you would handle supplier due diligence or respond to client risk assessments, and be ready to explain your thought process.
