Information Security Manager | Compliance & Risk in Scotland

Scotland Full-Time 36000 - 60000 £ / year (est.) No home office possible

At a Glance

  • Tasks: Lead the information security strategy and manage compliance across a top law firm.
  • Company: Join a leading law firm committed to excellence and client service.
  • Benefits: Competitive salary, professional development, and a chance to influence key stakeholders.
  • Why this job: Make a real impact on information security while working with senior leaders.
  • Qualifications: Experience in information security management and strong knowledge of UK GDPR.
  • Other info: High-impact role with opportunities for strategic influence and career growth.

The predicted salary is between 36000 - 60000 £ per year.

Do you have the skills and vision to strengthen information security while influencing stakeholders across a leading law firm? We are looking for an experienced Information Security Manager in Aberdeen, Edinburgh or Glasgow. This is an exciting opportunity to lead our firm-wide security strategy, governance and operations.

Working with Partners, the COO, IT and Business Services, you will maintain ISO 27001:2022 accreditation, strengthen resilience and safeguard client confidentiality. This role will allow you to develop and maintain our information security strategy and control framework aligned to ISO 27001:2022, UK GDPR and the Data Protection Act 2018, Law Society of Scotland and SRA Standards and Regulations, and relevant NCSC guidance.

You will lead on information-security-related risk management, board-level reporting and security metrics, and oversee audits, certifications and client due diligence. You will support the COO in leading on business continuity and disaster recovery testing, host external audits and client assessments, and support bids by articulating our security posture.

You have proven experience in information security management within professional services, ideally a UK law firm or other regulated environment, with strong knowledge of UK GDPR, the Data Protection Act 2018, Law Society of Scotland and SRA requirements, and relevant NCSC guidance. You are an excellent written and verbal communicator with partners, clients and auditors.

This is a high-impact role with strategic influence, broad responsibility and direct engagement with senior stakeholders. You will champion a culture of accountability and continuous improvement, backed by an organisation committed to excellence and client service.

If you have any questions or would like to discuss this opportunity in more detail, please contact Jo McMonagle.

Burness Paull reserves the right to close this vacancy early if a sufficient number of applications are received for this role. Therefore, if you are interested, please submit your application as early as possible.

Closing Date: 12 December 2025

Information Security Manager | Compliance & Risk in Scotland employer: Burness Paull LLP

Burness Paull is an exceptional employer that fosters a culture of accountability and continuous improvement, making it an ideal place for an Information Security Manager to thrive. With a commitment to excellence and client service, employees benefit from strategic influence, broad responsibilities, and direct engagement with senior stakeholders in a supportive environment across vibrant cities like Aberdeen, Edinburgh, and Glasgow. The firm prioritises professional growth and offers opportunities to lead impactful security initiatives while maintaining a strong focus on compliance and risk management.

Contact Detail:

Burness Paull LLP Recruiting Team

StudySmarter Expert Advice 🤫

We think this is how you could land Information Security Manager | Compliance & Risk in Scotland

✨Tip Number 1

Network like a pro! Reach out to your connections in the legal and compliance sectors. Attend industry events or webinars where you can meet potential employers and showcase your expertise in information security.

✨Tip Number 2

Prepare for interviews by brushing up on your knowledge of ISO 27001:2022 and UK GDPR. Be ready to discuss how you've implemented security strategies in past roles, and don’t forget to highlight your experience with audits and risk management.

✨Tip Number 3

Showcase your communication skills! Practice explaining complex security concepts in simple terms. This will help you connect with stakeholders who may not have a technical background, which is crucial in a law firm setting.

✨Tip Number 4

Apply through our website! It’s the best way to ensure your application gets noticed. Plus, it shows you're genuinely interested in joining our team and contributing to our commitment to excellence in information security.

We think you need these skills to ace Information Security Manager | Compliance & Risk in Scotland

Information Security Management
ISO 27001:2022
UK GDPR
Data Protection Act 2018
Law Society of Scotland Standards
SRA Standards and Regulations
NCSC Guidance
Risk Management
Board Level Reporting
Security Metrics
Auditing
Client Due Diligence
Business Continuity Planning
Disaster Recovery Testing
Communication Skills

Some tips for your application 🫡

Tailor Your CV: Make sure your CV speaks directly to the role of Information Security Manager. Highlight your experience with ISO 27001:2022 and any relevant compliance frameworks. We want to see how your skills align with our needs!

Craft a Compelling Cover Letter: Your cover letter is your chance to shine! Use it to explain why you're the perfect fit for this role. Share specific examples of how you've influenced stakeholders and managed information security in previous roles.

Showcase Your Communication Skills: Since this role involves engaging with partners and clients, make sure your application reflects your excellent written communication skills. We love clear, concise, and professional language that gets straight to the point!

Apply Early!: Don’t wait until the last minute to submit your application. We might close the vacancy early if we find the right candidate, so get your application in through our website as soon as you can!

How to prepare for a job interview at Burness Paull LLP

✨Know Your Standards

Make sure you’re well-versed in ISO 27001:2022, UK GDPR, and the Data Protection Act 2018. Brush up on how these regulations apply to the role and be ready to discuss how you’ve implemented them in past positions.

✨Showcase Your Communication Skills

As an Information Security Manager, you'll need to communicate effectively with various stakeholders. Prepare examples of how you've successfully engaged with partners, clients, and auditors in previous roles to demonstrate your strong communication skills.

✨Prepare for Scenario Questions

Expect questions that assess your problem-solving abilities in real-world situations. Think of specific instances where you managed risks or led security initiatives, and be ready to explain your thought process and outcomes.

✨Demonstrate Leadership and Influence

This role requires strategic influence and leadership. Be prepared to discuss how you've championed a culture of accountability and continuous improvement in your previous roles, and how you plan to do the same in this position.
