Information Security Lead | Permanent | Hybrid
- Salary: Up to £108,000 + Excellent benefits
- Hybrid: 3 days per week onsite (City Thameslink)
- Industry: Highly regulated environment
Job Summary: Our client, a leading international law firm, is seeking an experienced Information Security Lead - a senior deputy-level role reporting to the Head of Information Security, with responsibility for strategic leadership, governance, regulatory compliance, and executive-level reporting across the firm's information security programme. The successful candidate will operate at both a strategic and hands‑on level within a regulated professional services environment.
Key Responsibilities
- Deputise for the Head of Information Security at senior leadership and advisory board level
- Own and maintain the Information Security Policy framework, ensuring alignment with ISO 27001, GDPR, and SRA requirements
- Lead governance, risk, and assurance activities including third‑party security assessments and audit readiness
- Provide executive‑level reporting on security posture, risk exposure, and compliance status
- Manage the InfoSec programme portfolio, including business case development and budget oversight
- Define, maintain, and evolve the firm's Information Security Strategy in line with broader technology objectives
Qualifications and Requirements
- Minimum 8 years of Information Security experience, with governance or leadership background
- Strong working knowledge of ISO 27001 and GDPR within a regulated environment
- Experience presenting to executive committees or board‑level stakeholders
- Background in law firms or regulated professional services is highly desirable
- Able to operate confidently at both strategic and operational levels
