At a Glance
- Tasks: Ensure security compliance and support IT operations in a fast-growing LegalTech company.
- Company: Join Definely, a dynamic LegalTech firm focused on innovation and security.
- Benefits: Competitive salary, annual bonus, hybrid working, and generous holiday allowance.
- Other info: Enjoy quarterly socials and a month of remote work flexibility.
- Why this job: Make a real impact on data security while shaping IT processes in a scaling environment.
- Qualifications: Experience in information security, cloud security expertise, and relevant certifications required.
The predicted salary is between 60000 - 80000 £ per year.
We’re looking for a skilled Senior Information Security Officer to join Definely at a pivotal stage of growth. You’ll play a key role in ensuring our systems and processes align with ISO 27001 and SOC 2 requirements, contributing to risk assessments, and supporting incident response activities. Working closely with product and engineering teams, you’ll help embed security into the design of our Microsoft Word add-ins and AI-driven features.
As we scale, you’ll also provide IT support across the business, helping to manage devices, onboard new team members, and support day-to-day IT operations to ensure our people can work securely and efficiently. This is an exciting opportunity to have a direct impact on the security posture of a fast-growing LegalTech company, helping safeguard enterprise customers’ most sensitive data while also shaping how we scale IT and security together.
- Own and evolve Definely’s Information Security Management System (ISMS).
- Drive readiness for ISO/IEC 42001 AI certification.
- Guide security considerations in our AI/LLM-enabled products.
- Risk & Incident Management: Perform ongoing risk assessments, vendor security reviews, and DPIAs. Ensure strong access management, secrets management, and cloud security hygiene.
- IT Support & Operations: Provide day-to-day IT support for employees, including device management, troubleshooting, and access provisioning. Support onboarding and offboarding processes to ensure secure and efficient setup of accounts, devices, and permissions. Help scale internal IT processes and tooling as the company grows. Deliver security training and awareness across the company. Communicate risks and incidents clearly to technical and non-technical stakeholders.
Proven experience in information security within a SaaS or product led environment. Strong track record of delivering ISO 27001, SOC 2, or similar certifications, with interest in ISO/IEC 42001 AI standards. Solid understanding of GDPR and data protection best practices. Deep knowledge of secure SDLC, threat modelling, and securing AI and LLM based systems. Strong cloud security expertise across Azure or AWS, including access control, secrets management, and incident response. Experience running IT operations in a scaling business, including device management, SaaS tooling, and identity systems such as SSO and IAM. Relevant certifications such as CISSP, CISM, CCSK, or ISO 27001 Lead Auditor, and a degree in a related field.
Competitive salary & annual bonus. Quarterly team socials + holiday parties. Hybrid working + 1 month “work from anywhere”. 25 days holiday.
Senior Cyber Security and Information Security Officer employer: Definely
Definely is an exceptional employer, offering a dynamic work environment where innovation meets security in the fast-paced LegalTech sector. With a strong focus on employee growth, we provide opportunities for professional development through certifications and hands-on experience in a collaborative culture that values teamwork and creativity. Our hybrid working model, generous holiday allowance, and engaging team activities ensure a healthy work-life balance while you contribute to safeguarding sensitive data for our enterprise customers.
StudySmarter Expert Advice🤫
We think this is how you could land Senior Cyber Security and Information Security Officer
✨Tip Number 1
Network like a pro! Reach out to folks in the industry, attend meetups, and connect with people on LinkedIn. You never know who might have the inside scoop on job openings or can refer you directly.
✨Tip Number 2
Show off your skills! Create a portfolio or a personal project that highlights your expertise in information security. This is a great way to demonstrate your capabilities beyond just a CV.
✨Tip Number 3
Prepare for interviews by practising common questions related to cyber security and IT operations. We recommend doing mock interviews with friends or using online platforms to get comfortable with your responses.
✨Tip Number 4
Don’t forget to apply through our website! It’s the best way to ensure your application gets seen by the right people. Plus, it shows you’re genuinely interested in joining our team at Definely.
We think you need these skills to ace Senior Cyber Security and Information Security Officer
Some tips for your application 🫡
Tailor Your CV:Make sure your CV speaks directly to the role. Highlight your experience with ISO 27001, SOC 2, and any relevant certifications. We want to see how your skills align with what we're looking for!
Craft a Compelling Cover Letter:Your cover letter is your chance to shine! Share your passion for information security and how you can contribute to our team. Don’t forget to mention your experience in SaaS environments and any specific projects that relate to our needs.
Showcase Your Technical Skills:We’re keen on your technical expertise, so don’t hold back! Include details about your knowledge of cloud security, secure SDLC, and incident response. This is your moment to demonstrate how you can help us safeguard sensitive data.
Apply Through Our Website:We encourage you to apply through our website for a smoother process. It helps us keep track of applications and ensures you get the best experience possible. Plus, it shows you're serious about joining our team!
How to prepare for a job interview at Definely
✨Know Your Standards
Make sure you’re well-versed in ISO 27001 and SOC 2 requirements. Brush up on how these standards apply to the role and be ready to discuss your experience with them. This shows you’re not just familiar but also prepared to implement these frameworks effectively.
✨Showcase Your Technical Skills
Be prepared to dive deep into your technical expertise, especially around cloud security, secure SDLC, and incident response. Bring examples of past projects where you’ve successfully managed risks or implemented security measures, particularly in a SaaS environment.
✨Communicate Clearly
Since you’ll need to communicate risks to both technical and non-technical stakeholders, practice explaining complex concepts in simple terms. This will demonstrate your ability to bridge the gap between tech and business, which is crucial for this role.
✨Prepare for Scenario Questions
Expect scenario-based questions that assess your problem-solving skills in real-world situations. Think about past incidents you’ve managed or risk assessments you’ve conducted, and be ready to walk through your thought process and actions taken.
