At a Glance
- Tasks: Lead information security strategy and manage compliance across a top law firm.
- Company: Join a leading law firm committed to excellence and client service.
- Benefits: Competitive salary, professional development, and a chance to influence key stakeholders.
- Why this job: Make a real impact on information security and client confidentiality in a dynamic environment.
- Qualifications: Proven experience in information security management, ideally in a regulated environment.
- Other info: High impact role with strategic influence and excellent career growth opportunities.
The predicted salary is between £36000 - £60000 per year.
Do you have the skills and vision to strengthen information security while influencing stakeholders across a leading law firm? We are looking for an experienced Information Security Manager in either Aberdeen, Edinburgh or Glasgow. This is an exciting opportunity to lead our firm-wide security strategy, governance and operations.
Working with Partners, the COO, IT and Business Services you will maintain ISO 27001:2022 accreditation, strengthen resilience and safeguard client confidentiality. This role will allow you to develop and maintain our information security strategy and control framework aligned to ISO 27001:2022, UK GDPR and the Data Protection Act 2018, Law Society of Scotland and SRA Standards and Regulations, and relevant NCSC guidance.
You will lead on information security related risk management, board level reporting and security metrics, and oversee audits, certifications and client due diligence. You will support the COO in leading on business continuity and disaster recovery testing, host external audits and client assessments, and support bids by articulating our security posture.
You have proven experience in information security management within professional services, ideally a UK law firm or other regulated environment with strong knowledge of UK GDPR, the Data Protection Act 2018, Law Society of Scotland and SRA requirements, and relevant NCSC guidance. You are an excellent written and verbal communicator with partners, clients and auditors.
This is a high impact role with strategic influence, broad responsibility and direct engagement with senior stakeholders. You will champion a culture of accountability and continuous improvement backed by an organisation committed to excellence and client service.
If you have any questions or would like to discuss this opportunity in more detail please contact Jo McMonagle.
Burness Paull reserves the right to close this vacancy early if a sufficient number of applications are received for this role. Therefore if you are interested please submit your application as early as possible.
Closing Date: 06 January 2026
Information Security Manager | Compliance & Risk in Aberdeen employer: Burness Paull
Contact Detail:
Burness Paull Recruiting Team
StudySmarter Expert Advice 🤫
We think this is how you could land Information Security Manager | Compliance & Risk in Aberdeen
✨ Tip Number 1
Network like a pro! Reach out to your connections in the legal and compliance sectors. Attend industry events or webinars where you can meet potential employers and showcase your expertise in information security.
✨ Tip Number 2
Prepare for interviews by brushing up on your knowledge of ISO 27001:2022 and UK GDPR. Be ready to discuss how you've implemented security strategies in past roles, and don't forget to highlight your experience with audits and risk management.
✨ Tip Number 3
Showcase your communication skills! Practice articulating complex security concepts in simple terms. This will help you connect with stakeholders who may not have a technical background, which is crucial in a law firm setting.
✨ Tip Number 4
Don't just apply through job boards; head over to our website and submit your application directly. This shows initiative and gives you a better chance of standing out in the hiring process!
Some tips for your application 🫡
Tailor Your CV: Make sure your CV is tailored to the Information Security Manager role. Highlight your experience with ISO 27001:2022 and UK GDPR, as well as any relevant achievements in risk management and compliance.
Craft a Compelling Cover Letter: Your cover letter should tell us why you're the perfect fit for this role. Share specific examples of how you've influenced stakeholders and led security strategies in previous positions.
Showcase Your Communication Skills: Since this role involves engaging with partners and clients, demonstrate your excellent written communication skills. Use clear and concise language, and make sure to proofread for any errors before submitting.
Apply Early!: Don't wait until the last minute to submit your application. We might close the vacancy early if we find enough great candidates, so get your application in through our website as soon as you can!
How to prepare for a job interview at Burness Paull
✨ Know Your Standards
Make sure you're well-versed in ISO 27001:2022, UK GDPR, and the Data Protection Act 2018. Brush up on how these standards apply to the law firm environment, as you'll need to demonstrate your understanding of compliance and risk management during the interview.
✨ Showcase Your Communication Skills
As an Information Security Manager, you'll be engaging with partners, clients, and auditors. Prepare examples that highlight your ability to communicate complex security concepts clearly and effectively. Think about times when you successfully influenced stakeholders or led discussions on security strategies.
✨ Prepare for Scenario Questions
Expect questions that ask how you would handle specific security challenges or risk management scenarios. Practice articulating your thought process and decision-making skills in these situations, as this will showcase your strategic influence and problem-solving abilities.
✨ Demonstrate Continuous Improvement Mindset
Be ready to discuss how you've championed a culture of accountability and continuous improvement in your previous roles. Share specific initiatives you've led or contributed to that enhanced information security practices, as this aligns with the firm's commitment to excellence.