Information Security Lead

Full-Time | 80000 - 100000 £ / year (est.) | No working from home possible
Charles Russell Speechlys

At a Glance

  • Tasks: Lead and shape the Information Security strategy while ensuring compliance and risk management.
  • Company: Join a leading firm committed to security excellence and innovation.
  • Benefits: Enjoy hybrid working, competitive salary, and opportunities for professional growth.
  • Other info: Flexible working arrangements tailored to your needs.
  • Why this job: Make a significant impact on security governance in a dynamic environment.
  • Qualifications: 8-12+ years in Information Security with strong governance leadership experience.

The predicted salary is between 80000 - 100000 £ per year.

Roles & Responsibilities

  • Strategic & Governance Leadership
    • Deputise for the Head of Information Security at ITLT, OpCom, RiskCom and Advisory Board as required.
    • Define, maintain and mature the Information Security Strategy aligned to Technology Directorate and firm objectives.
    • Establish governance mechanisms to ensure effective security oversight.
    • Own annual review and update of Information Security Terms of Reference.
    • Ensure security roles, responsibilities and training plans are defined and maintained.
  • Regulatory & Policy Oversight
    • Own the Information Security Policy framework and supporting standards.
    • Ensure mapping of regulatory and industry standards (e.g. GDPR, ISO 27001) to firm policies.
    • Oversee annual policy attestation and compliance reporting.
    • Lead audit readiness and regulatory engagement.
  • Risk & Assurance
    • Ensure all information security risks are documented, escalated and managed appropriately.
    • Oversee third-party security assessment programme (regulatory and client-driven).
    • Provide executive-level reporting on security posture, risk exposure and compliance status.
    • Maintain evidence framework demonstrating compliance and traceability.
  • Financial & Resource Management
    • Support management of Information Security budget.
    • Oversee business case development for security initiatives.
    • Manage programme demand and prioritisation across the InfoSec portfolio.
  • Other
    • Comply with all relevant legal and regulatory obligations including the Solicitors Regulation Authority (SRA) Standards and Regulations, and Principles.

Person Specification

  • 8–12+ years in Information Security, with governance leadership experience.
  • Strong knowledge of ISO 27001 and GDPR; law firm or regulated professional services environment preferred.
  • Experience presenting to executive committees.
  • Strong commercial and financial awareness.
  • Ability to operate at both strategic and tactical levels.

Hybrid Working

We adopt a hybrid and flexible working approach, dependent on the requirements of the role and subject to manager approval.

Information Security Lead employer: Charles Russell Speechlys

As an Information Security Lead, you will thrive in a dynamic and supportive environment that prioritises employee growth and development. Our hybrid working model offers flexibility, allowing you to balance your professional and personal life while contributing to a robust security strategy that aligns with our firm’s objectives. Join us to be part of a culture that values innovation, collaboration, and compliance, ensuring you have the resources and support needed to excel in your role.

Contact Details:

Charles Russell Speechlys Recruitment Team

StudySmarter Expert Advice🤫

We think this is how you could land Information Security Lead

Tip Number 1

Network like a pro! Reach out to your connections in the information security field and let them know you're on the lookout for opportunities. You never know who might have the inside scoop on a role that’s perfect for you.

Tip Number 2

Prepare for interviews by brushing up on your knowledge of ISO 27001 and GDPR. Be ready to discuss how you've applied these standards in your previous roles. Show them you’re not just a candidate, but a strategic thinker who can lead their InfoSec initiatives.

Tip Number 3

Don’t forget to showcase your leadership skills! When you get the chance to speak with hiring managers, highlight your experience in governance and risk management. They want to see that you can step in and take charge right away.

Tip Number 4

Apply through our website! It’s the best way to ensure your application gets noticed. Plus, we love seeing candidates who are proactive about their job search. Let’s get you into that interview room!

We think you need these skills to ace Information Security Lead

Information Security Strategy
Governance Mechanisms
Information Security Policy Framework
Regulatory Compliance (GDPR, ISO 27001)
Risk Management
Audit Readiness
Third-Party Security Assessment

Some tips for your application 🫡

Tailor Your CV: Make sure your CV speaks directly to the role of Information Security Lead. Highlight your experience in governance leadership and your knowledge of ISO 27001 and GDPR. We want to see how your background aligns with our needs!

Craft a Compelling Cover Letter: Your cover letter is your chance to shine! Use it to explain why you're the perfect fit for this role. Share specific examples of your strategic leadership and how you've managed information security risks in the past. We love a good story!

Showcase Your Achievements: When detailing your experience, focus on your achievements rather than just responsibilities. Quantify your successes where possible, like improvements in compliance or risk management. We’re all about results here at StudySmarter!

Apply Through Our Website: Don’t forget to apply through our website! It’s the best way for us to receive your application and ensures you’re considered for the role. Plus, it shows you’re keen to join the StudySmarter team!

How to prepare for a job interview at Charles Russell Speechlys

Know Your Stuff

Make sure you brush up on your knowledge of ISO 27001 and GDPR, as these are key to the role. Be ready to discuss how you've applied these standards in previous positions, especially in a governance leadership context.

Showcase Your Leadership Skills

Prepare examples that highlight your experience in leading teams and managing security strategies. Think about times when you've had to present to executive committees and how you navigated those discussions.

Understand the Business Side

Since financial and resource management is part of the role, be prepared to talk about how you've managed budgets or developed business cases for security initiatives. This will show that you can operate at both strategic and tactical levels.

Be Ready for Scenario Questions

Expect questions that ask how you would handle specific security risks or compliance issues. Practise articulating your thought process and decision-making skills, as this will demonstrate your ability to manage risks effectively.