Information Security Manager | Compliance & Risk

Full-Time | £36,000 - £60,000 / year (est.) | No home office possible

At a Glance

  • Tasks: Lead information security strategy and manage compliance across a top law firm.
  • Company: Join a leading law firm committed to excellence and client service.
  • Benefits: Competitive salary, professional development, and a chance to influence key stakeholders.
  • Why this job: Make a real impact on information security and client confidentiality in a dynamic environment.
  • Qualifications: Proven experience in information security management and strong communication skills.
  • Other info: High impact role with strategic influence and excellent career growth opportunities.

The predicted salary is between £36,000 and £60,000 per year.

Do you have the skills and vision to strengthen information security while influencing stakeholders across a leading law firm? We are looking for an experienced Information Security Manager in either Aberdeen, Edinburgh or Glasgow. This is an exciting opportunity to lead our firm-wide security strategy, governance and operations.

Working with Partners, the COO, IT and Business Services, you will maintain ISO 27001:2022 accreditation, strengthen resilience and safeguard client confidentiality. This role will allow you to develop and maintain our information security strategy and control framework aligned to ISO 27001:2022, UK GDPR and the Data Protection Act 2018, Law Society of Scotland and SRA Standards and Regulations, and relevant NCSC guidance.

You will lead on information security related risk management, board level reporting and security metrics, and oversee audits, certifications and client due diligence. You will support the COO in leading on business continuity and disaster recovery testing, host external audits and client assessments, and support bids by articulating our security posture.

You have proven experience in information security management within professional services, ideally a UK law firm or other regulated environment with strong knowledge of UK GDPR, the Data Protection Act 2018, Law Society of Scotland and SRA requirements, and relevant NCSC guidance. You are an excellent written and verbal communicator with partners, clients and auditors.

This is a high impact role with strategic influence, broad responsibility and direct engagement with senior stakeholders. You will champion a culture of accountability and continuous improvement backed by an organisation committed to excellence and client service.

If you have any questions or would like to discuss this opportunity in more detail please contact Jo McMonagle.

Closing Date: 06 January 2026

Information Security Manager | Compliance & Risk employer: Burness Paull

At our leading law firm, we pride ourselves on fostering a dynamic work culture that prioritises professional growth and employee well-being. As an Information Security Manager, you will not only play a pivotal role in shaping our security strategy but also benefit from a supportive environment that encourages continuous learning and collaboration with senior stakeholders. Located in vibrant cities like Aberdeen, Edinburgh, or Glasgow, we offer a unique opportunity to make a meaningful impact while enjoying the rich cultural and professional landscape these locations provide.

Contact Detail:

Burness Paull Recruiting Team

StudySmarter Expert Advice 🤫

We think this is how you could land Information Security Manager | Compliance & Risk

✨Tip Number 1

Network like a pro! Reach out to your connections in the legal and compliance sectors. Attend industry events or webinars where you can meet potential employers and showcase your expertise in information security.

✨Tip Number 2

Prepare for interviews by brushing up on your knowledge of ISO 27001:2022 and UK GDPR. Be ready to discuss how you've implemented security strategies in past roles, and don’t forget to highlight your experience with audits and risk management.

✨Tip Number 3

Showcase your communication skills! Practice articulating complex security concepts in simple terms. This will help you connect with stakeholders who may not have a technical background, which is crucial in a law firm setting.

✨Tip Number 4

Apply through our website! It’s the best way to ensure your application gets noticed. Plus, we love seeing candidates who are proactive about their job search. Don’t wait until the last minute; get your application in early!

We think you need these skills to ace Information Security Manager | Compliance & Risk

Information Security Management
ISO 27001:2022
UK GDPR
Data Protection Act 2018
Law Society of Scotland Standards
SRA Standards and Regulations
NCSC Guidance
Risk Management
Board Level Reporting
Security Metrics
Auditing
Client Due Diligence
Business Continuity Planning
Disaster Recovery Testing
Excellent Communication Skills

Some tips for your application 🫡

Tailor Your CV: Make sure your CV is tailored to the Information Security Manager role. Highlight your experience with ISO 27001:2022 and UK GDPR, as these are key for us. Use specific examples that showcase your skills in risk management and stakeholder engagement.

Craft a Compelling Cover Letter: Your cover letter is your chance to shine! Use it to explain why you're the perfect fit for our firm. Mention your passion for information security and how you can contribute to our culture of accountability and continuous improvement.

Showcase Your Communication Skills: Since this role involves engaging with partners and clients, make sure your written application reflects your excellent communication skills. Keep your language clear and professional, but don’t be afraid to let your personality shine through!

Apply Early: Don’t wait until the last minute to submit your application. We might close the vacancy early if we get enough applications, so get yours in as soon as possible through our website. We can’t wait to see what you bring to the table!

How to prepare for a job interview at Burness Paull

✨Know Your Standards

Familiarise yourself with ISO 27001:2022, UK GDPR, and the Data Protection Act 2018. Be ready to discuss how your experience aligns with these standards and how you can maintain compliance within the firm.

✨Showcase Your Communication Skills

As an Information Security Manager, you'll need to communicate effectively with various stakeholders. Prepare examples of how you've successfully engaged with partners, clients, and auditors in the past, highlighting your ability to convey complex information clearly.

✨Prepare for Scenario Questions

Expect questions about risk management and incident response. Think of specific scenarios where you've led security initiatives or handled audits, and be ready to explain your thought process and outcomes.

✨Demonstrate Strategic Thinking

This role requires a strategic mindset. Be prepared to discuss how you would develop and implement an information security strategy that aligns with the firm's goals. Show your understanding of the broader implications of security on business continuity and client trust.
