Security and Compliance Analyst in London

Dentons' Information Security Team sits at the heart of protecting the Firm’s reputation and strengthening client trust. We provide assurance, confidence, and credibility in an increasingly complex risk landscape. We lead client audits and rigorously assess third-party vendors, demonstrating to clients that we take security seriously and operate to the highest standards.

The team partners closely with senior leaders, IT, and business teams to embed security into everything we do, turning complex regulatory requirements into practical, business-friendly solutions. Our work helps the firm win new business, retain major clients, and operate with confidence in a world where information security is critical.

As a Security & Compliance Analyst, you will work independently and confidently, building strong relationships with senior stakeholders including Partners and the Office of the General Counsel. Combining technical expertise with first-class communication skills, you’ll translate complex security requirements into clear, practical guidance while shaping key processes and ensuring the firm meets the highest international standards.

• Develop and enhance firmwide practices to ensure security controls align with ISO standards and client expectations.
• Support the development, implementation, and communication of security policies alongside the Head of Information Security and IT Director.
• Lead and manage the client audit process, including responding to tenders and security questionnaires, ensuring timely review and action.
• Oversee the vendor assurance process, assessing third parties against the firm’s risk profile using established tools.
• Build strong relationships with key stakeholders, including the Office of General Counsel and Partner-level executives, to effectively manage audit and compliance requirements.
• Act as a subject matter expert on the firm’s information security governance framework, responding to internal and external queries.
• Provide practical advice and guidance on information security, compliance, and regulatory matters.
• Participate in regional and global security and compliance forums.
• Identify, monitor, and raise awareness of emerging client and risk-related issues.
• Analyse data related to information security, providing insight and informing the activities of the wider team.
• Support security risk assessments for new systems, embedding information security into IT projects at every stage.
• Assist in maintaining the regional information security risk register.

• Strong understanding and experience of client audit processes within the legal or professional services sector.
• Proven experience managing and maintaining an ISO 27001 ISMS.
• Sound knowledge of data handling best practices, information governance, and data management principles.
• Good understanding of cross-border data regulations, including GDPR and EU data privacy requirements.
• Familiarity with additional security frameworks such as NIST CSF and CIS (desirable).
• Up-to-date awareness of cyber threats, phishing techniques, vulnerabilities, breach trends, and governance developments.
• Experience contributing to security awareness initiatives to enhance employee understanding and compliance.
• Ability to review and improve internal processes to ensure confidentiality, integrity, and availability of information.

• Excellent written and verbal communication skills, with confidence engaging at client, partner and senior leadership level.
• Self-motivated, proactive, and results-driven.
• Strong ability to collaborate with stakeholders across the business, beyond IT.
• Highly developed stakeholder management and influencing skills, both internally and externally.
• Strong organisational skills with the ability to prioritise effectively in a fast-paced environment.
• Effective project management skills to deliver security improvements against defined targets (desirable).
• Proven experience working in a collaborative, team-oriented setting.
• Exceptional attention to detail.
• Professional, confident, and credible manner.

Across more than 80 countries, Dentons helps you grow, protect, operate and finance your organisation by providing uniquely global and deeply local legal solutions. Polycentric, purpose-driven and committed to inclusion, diversity, equity and sustainability, we focus on what matters most to you.

We are committed to building an inclusive culture here at Dentons where our people can thrive, regardless of their background or circumstance. As well as being the right thing to do, it makes good business sense too. A richness of backgrounds, experiences and perspectives helps us best serve our clients and the communities in which we operate.

Dentons is committed to providing equal opportunities for all. We welcome applications from everyone including of any age, ethnicity, religion, sex, sexual orientation, gender identity, nationality, neurodiversity, disability, or with parental or caring responsibilities. We also offer flexible working hours.

During the application process, all applicants have the opportunity to tell us about any adjustments or support they require so they are able to perform at their best. Any information you share with us during the application process is treated in confidence.

If you are interested in applying for this position, we welcome direct applications via our careers page, but if you have any questions beforehand, please email. Enquiries only please – applications will not be accepted via email.

Please note that we will not accept unsolicited CVs sent to the business, nor will we accept any associated terms of business.