At a Glance
- Tasks: Ensure security compliance and support IT operations in a fast-growing LegalTech company.
- Company: Join Definely, a dynamic LegalTech startup backed by industry giants like Microsoft and Google.
- Benefits: Enjoy competitive salary, hybrid working, generous holiday, and private healthcare.
- Other info: Be part of a collaborative team with excellent career growth opportunities.
- Why this job: Make a real impact on data security while shaping the future of IT in a scaling business.
- Qualifications: Experience in information security and strong knowledge of ISO standards and cloud security.
The predicted salary is between 60000 - 80000 £ per year.
We’re looking for a skilled Senior Information Security Officer to join Definely at a pivotal stage of growth. You’ll play a key role in ensuring our systems and processes align with ISO 27001 and SOC 2 requirements, contributing to risk assessments, and supporting incident response activities. Working closely with product and engineering teams, you’ll help embed security into the design of our Microsoft Word add-ins and AI-driven features.
As we scale, you’ll also provide IT support across the business, helping to manage devices, onboard new team members, and support day-to-day IT operations to ensure our people can work securely and efficiently. This is an exciting opportunity to have a direct impact on the security posture of a fast-growing LegalTech company, helping safeguard enterprise customers’ most sensitive data while also shaping how we scale IT and security together.
- Own and evolve Definely’s Information Security Management System (ISMS).
- Drive readiness for ISO/IEC 42001 AI certification.
- Guide security considerations in our AI/LLM-enabled products.
- Perform ongoing risk assessments, vendor security reviews, and DPIAs.
- Ensure strong access management, secrets management, and cloud security hygiene.
- Provide day-to-day IT support for employees, including device management, troubleshooting, and access provisioning.
- Support onboarding and offboarding processes to ensure secure and efficient setup of accounts, devices, and permissions.
- Help scale internal IT processes and tooling as the company grows.
- Deliver security training and awareness across the company.
- Communicate risks and incidents clearly to technical and non-technical stakeholders.
Proven experience in information security within a SaaS or product led environment. Strong track record of delivering ISO 27001, SOC 2, or similar certifications, with interest in ISO/IEC 42001 AI standards. Solid understanding of GDPR and data protection best practices. Deep knowledge of secure SDLC, threat modelling, and securing AI and LLM based systems. Strong cloud security expertise across Azure or AWS, including access control, secrets management, and incident response. Experience running IT operations in a scaling business, including device management, SaaS tooling, and identity systems such as SSO and IAM. Relevant certifications such as CISSP, CISM, CCSK, or ISO 27001 Lead Auditor, and a degree in a related field.
Competitive salary & annual bonus, quarterly team socials + holiday parties, hybrid working + 1 month “work from anywhere”, 25 days holiday + bank holidays, take your birthday off, private healthcare (incl. dental & optical), enhanced parental leave + Workplace Nursery salary sacrifice scheme, Cycle to Work, top-quality equipment.
Senior Cyber Security and Information Security Officer in London employer: Definely
Definely is an exceptional employer, offering a dynamic work environment where innovation meets security in the fast-paced LegalTech sector. With competitive salaries, generous benefits including private healthcare and enhanced parental leave, and a strong focus on employee growth through training and development, we empower our team to thrive. Our hybrid working model and unique 'work from anywhere' month reflect our commitment to work-life balance, making Definely a truly rewarding place to build your career.
StudySmarter Expert Advice🤫
We think this is how you could land Senior Cyber Security and Information Security Officer in London
✨Tip Number 1
Network like a pro! Reach out to folks in the industry, attend meetups, and connect with people on LinkedIn. You never know who might have the inside scoop on job openings or can put in a good word for you.
✨Tip Number 2
Show off your skills! Create a portfolio or GitHub repository showcasing your projects related to information security. This gives potential employers a taste of what you can do and sets you apart from the crowd.
✨Tip Number 3
Prepare for interviews by brushing up on common questions and scenarios in cyber security. Practice articulating your experience with ISO 27001 and SOC 2, and be ready to discuss how you've handled risk assessments and incident responses.
✨Tip Number 4
Don’t forget to apply through our website! It’s the best way to ensure your application gets seen. Plus, we love seeing candidates who are genuinely interested in joining our team at Definely.
We think you need these skills to ace Senior Cyber Security and Information Security Officer in London
Some tips for your application 🫡
Tailor Your CV:Make sure your CV reflects the skills and experiences that align with the Senior Cyber Security and Information Security Officer role. Highlight your experience with ISO 27001, SOC 2, and any relevant certifications to catch our eye!
Craft a Compelling Cover Letter:Your cover letter is your chance to shine! Use it to explain why you're passionate about information security and how your background makes you a perfect fit for Definely. Don’t forget to mention your interest in AI standards and secure SDLC.
Showcase Your Achievements:When detailing your past roles, focus on specific achievements rather than just responsibilities. Did you lead a successful risk assessment or improve incident response times? We want to hear about it!
Apply Through Our Website:We encourage you to apply directly through our website for the best chance of getting noticed. It’s the easiest way for us to keep track of your application and ensure it reaches the right people!
How to prepare for a job interview at Definely
✨Know Your Standards
Make sure you’re well-versed in ISO 27001 and SOC 2 requirements. Brush up on how these standards apply to the role and be ready to discuss your experience with them. This shows you’re not just familiar but also prepared to implement these frameworks effectively.
✨Showcase Your Technical Skills
Be prepared to dive deep into your knowledge of cloud security, especially with Azure or AWS. Highlight any specific projects where you’ve managed access control or incident response. This will demonstrate your hands-on experience and technical prowess.
✨Communicate Clearly
Practice explaining complex security concepts in simple terms. You’ll need to communicate risks and incidents to both technical and non-technical stakeholders, so being able to articulate your thoughts clearly is crucial. Consider using examples from past experiences to illustrate your points.
✨Prepare for Scenario Questions
Expect scenario-based questions that assess your problem-solving skills in risk management and incident response. Think of past situations where you successfully navigated challenges and be ready to share those stories. This will help the interviewers see how you think on your feet.
