Find a job 
Featured Companies 
Featured Universities 
For Companies At a Glance
- Tasks: Ensure top-notch security and compliance while collaborating with global teams.
- Company: Join a leading firm focused on innovative information security solutions.
- Benefits: Competitive salary, flexible working options, and opportunities for professional growth.
- Why this job: Make a real difference in protecting data and enhancing security practices.
- Qualifications: Degree in a technical field and experience in information security preferred.
- Other info: Dynamic role with a chance to work on cutting-edge security technologies.
The predicted salary is between 36000 - 60000 £ per year.
An exciting opportunity within the General Counsel & Risk team as part of our global Information Security team. The individual will work closely with the UK, Australia and US-based teams in the following primary areas of responsibility, focusing on the UK and EMEA offices:
- Responsibilities
- Providing assurance to external stakeholders, including:
- Supporting the maintenance of the Firms ISO 27001 certification, in particular:
- Preparing new and existing business units for certification/audit.
- Collating metrics in support of governance and continual improvement.
- Risk assessing new ways of working, alongside the Risk and IT teams.
- Assessing compliance with client-specific security requirements within the legal teams.
- Managing the ISMS tools, documentation and trackers.
- Supporting internal security audit activities.
- Investigate and manage DLP alerts and user behaviour anomalies, escalating as needed.
- Support incident response for phishing, impersonation scams, and other security events.
- Assist with API integration projects to enhance security workflows (e.g., ServiceNow integrations).
- Deliver and monitor phishing simulation campaigns, producing reports and insights.
- Contribute to security communications and awareness programs across the firm.
- Participate in onboarding new security technologies such as Data Security Posture Management (DSPM).
- Engage with AI Risk and Governance discussions to support emerging technology adoption.
- Build strong relationships with IT, Risk, HR, and legal teams to embed security into business processes.
- Provide practical security advice to internal stakeholders.
- Degree educated (technical degree or similar).
- We would expect the successful candidate to have around three years’ experience in information security but may consider those with less experience providing they can demonstrate they meet the required competencies.
- Strong knowledge of ISO 27001 implementation and certification.
- Power BI analytics and reporting.
- One or more of the following desired - MSc in security or similar; CISSP; CISA/CISM; ISO 27001 Lead Auditor.
- Professional Services experience preferable.
- Adaptable, diligent and works with initiative.
- Strong relationship builder - internal and external.
- Familiarity with security tools and systems would be advantageous (e.g., Email DLP, UEBA, phishing simulation).
- Experience working as part of a global team.
Information Security Analyst in City of London employer: Herbert Smith Freehills Kramer
Contact Detail:
Herbert Smith Freehills Kramer Recruiting Team
StudySmarter Expert Advice 🤫
We think this is how you could land Information Security Analyst in City of London
✨Tip Number 1
Network like a pro! Reach out to folks in the industry, especially those already working in information security. Attend meetups or webinars, and don’t be shy about asking for informational interviews. We all know that sometimes it’s not just what you know, but who you know!
✨Tip Number 2
Get your hands dirty with practical experience. Volunteer for projects or internships that allow you to work on real-world security issues. This will not only boost your CV but also give you some solid stories to share during interviews. We love seeing candidates who can demonstrate their skills in action!
✨Tip Number 3
Prepare for those tricky interview questions! Brush up on your knowledge of ISO 27001 and be ready to discuss how you’ve handled security incidents in the past. We want to see your problem-solving skills in action, so think of examples that showcase your adaptability and initiative.
✨Tip Number 4
Don’t forget to apply through our website! It’s the best way to ensure your application gets seen by the right people. Plus, we’re always looking for passionate individuals who are eager to contribute to our global team. So, get your application in and let’s make some security magic happen together!
We think you need these skills to ace Information Security Analyst in City of London
Some tips for your application 🫡
Tailor Your CV: Make sure your CV is tailored to the Information Security Analyst role. Highlight your experience with ISO 27001 and any relevant security tools you've worked with. We want to see how your skills match what we're looking for!
Craft a Compelling Cover Letter: Your cover letter is your chance to shine! Use it to explain why you're passionate about information security and how you can contribute to our global team. Keep it concise but impactful – we love a good story!
Showcase Your Experience: When detailing your experience, focus on specific projects or tasks that relate to the responsibilities listed in the job description. Whether it's managing DLP alerts or supporting audits, we want to know what you've done and how it relates to us.
Apply Through Our Website: Don't forget to apply through our website! It’s the best way for us to receive your application and ensures you’re considered for the role. Plus, it makes the whole process smoother for everyone involved!
How to prepare for a job interview at Herbert Smith Freehills Kramer
✨Know Your ISO 27001 Inside Out
Make sure you brush up on your knowledge of ISO 27001, as it’s a key part of the role. Be ready to discuss how you've contributed to certification processes in the past or how you would approach preparing teams for audits.
✨Showcase Your Analytical Skills
Since Power BI analytics and reporting are mentioned, be prepared to talk about your experience with data analysis. Bring examples of how you've used analytics to drive security improvements or assess risks in previous roles.
✨Demonstrate Your Team Spirit
This role involves collaboration with various teams like IT, Risk, and Legal. Share specific examples of how you've built strong relationships in past positions and how you’ve worked effectively within a global team.
✨Prepare for Scenario-Based Questions
Expect questions that ask how you would handle specific security incidents, such as phishing attacks or DLP alerts. Think through your responses ahead of time, focusing on your problem-solving skills and ability to act under pressure.
