Cyber Security Risk & Governance Manager in Nottingham

Nottingham | Full-Time | 60000 - 80000 £ / year (est.) | No working from home possible
Lawfront

At a Glance

  • Tasks: Define and implement IT security policies while ensuring compliance across the organisation.
  • Company: Join one of the UK's fastest-growing legal groups with a focus on innovation.
  • Benefits: Competitive salary, professional development, and a chance to shape security governance.
  • Other info: Exciting growth opportunities in a collaborative and supportive team.
  • Why this job: Be a key player in enhancing cyber security within a dynamic legal environment.
  • Qualifications: Cybersecurity certifications and strong knowledge of security frameworks required.

The predicted salary is between £60,000 and £80,000 per year.

When registering to this job board you will be redirected to the online application form. Please ensure that this is completed in full in order that your application can be reviewed.

Lawfront is one of the UK’s most ambitious and rapidly expanding Legal Groups. Through strategic acquisition and the integration of high-performing regional law firms, we are building a national platform that combines local excellence with the strength, investment, and innovation of a modern Legal organisation. Our growth trajectory is significant and accelerating. As we continue to welcome new firms into the Lawfront family, we are strengthening our central functions to ensure we deliver consistent, scalable, and best-in-class support across the Group.

Role Purpose:

The Cyber Security Risk & Assurance Lead is responsible for defining, implementing, and governing IT security policies, standards, and compliance frameworks across the organisation. This role ensures that security controls are embedded into IT architecture and delivery, while maintaining alignment with regulatory requirements and organisational risk appetite.

Operating as part of a central (horizontal) IT Security function, this role works closely with Architecture, Delivery, and Service teams, providing oversight, assurance, and governance rather than hands-on operational security execution. This role is governance-led rather than operational, focusing on defining what “good” looks like and ensuring it is consistently applied. The Cyber Security Risk & Assurance Lead provides oversight and assurance, while operational security execution remains with IT Security Engineers within the Service Delivery function.

The success of this role depends on effectively embedding security into architecture and delivery without creating unnecessary friction, ensuring a risk-based, business-aligned approach to security and compliance.

Key Responsibilities:

  • Security Policy & Standards
  • Governance & Compliance
  • Audit & Assurance
  • Security Architecture Alignment
  • Risk Management
  • Stakeholder Engagement
  • Vendor & Third-Party Security
  • Continuous Improvement & Awareness

Experience:

  • Holder of relevant cyber security certifications – e.g. CISM, CCSP or CISSP
  • Strong knowledge of security frameworks (e.g., ISO 27001, NIST, CIS Controls)
  • Understanding of cloud security principles (Azure, AWS, or GCP)
  • Familiarity with the concepts, standards and tools involved in controlling identity and access management, data protection, resilience & loss prevention, and network security
  • Experience with risk management and compliance tooling (GRC platforms desirable)
  • Experience with selecting, deploying, maintaining and securing IT systems in a mid-sized (Apply online only) user) UK organisation.
  • Familiarity with popular UK law firm applications and services is advantageous.
  • Ideally around 7–10 years in IT and security, with strong focus on governance, risk, and compliance
  • Experience managing audits and regulatory requirements
  • Experience working within enterprise IT environments and architecture governance structures, ideally within a legal environment.
  • Experience in regulated industries (preferred)

It's an exciting time to join our organisation, and this will give you a fantastic opportunity to be a key part of our development. If this sounds like you then please get in touch by clicking apply below.

Cyber Security Risk & Governance Manager in Nottingham employer: Lawfront

Lawfront is an exceptional employer, offering a dynamic work environment that fosters innovation and collaboration within the rapidly expanding legal sector. With a strong focus on employee growth and development, we provide ample opportunities for professional advancement while ensuring a supportive culture that values local excellence and strategic integration. Join us in our mission to redefine legal services, where your expertise in Cyber Security Risk & Governance will play a pivotal role in shaping our future success.

Contact Details:

Lawfront Recruitment Team

StudySmarter Expert Advice🤫

We think this is how you could land the Cyber Security Risk & Governance Manager role in Nottingham

Get Involved in the Cybersecurity Community

Diving into the cybersecurity community is key for landing that full-time gig. Join forums like Reddit's r/cybersecurity or attend local meetups to connect with industry veterans and other job seekers. Networking is everything in this field—don’t just be a passive lurker!

Show Off Your Skills with Capture the Flag Competitions

Participate in Capture the Flag (CTF) competitions; these are not just a fun way to boost your skills but also a chance to showcase your talent to potential employers. Many companies, including Lawfront, love seeing candidates who actively engage in these challenges.

Tailor Your Online Presence

Make sure your LinkedIn and any professional profiles reflect your cybersecurity expertise. Share your projects, whether they’re personal or from a previous role, to catch the eye of hiring managers. This is how they’ll find your passion and commitment to the field!

Apply Directly Through Lawfront

Don’t forget to head straight to our website and check out any openings for cybersecurity roles at Lawfront. Applying directly can sometimes give you an edge, especially if you can mention that you've been following our work or engaging in the community.

We think you need these skills to ace the Cyber Security Risk & Governance Manager role in Nottingham

  • Cyber Security Certifications (CISM, CCSP, CISSP)
  • Security Frameworks (ISO 27001, NIST, CIS Controls)
  • Cloud Security Principles (Azure, AWS, GCP)
  • Identity and Access Management
  • Data Protection
  • Resilience and Loss Prevention
  • Network Security

Some tips for your application 🫡

Show off your technical skills: In cybersecurity, it's crucial to highlight your technical prowess. Make sure your CV showcases specific skills like network security, penetration testing, or threat analysis. If you have relevant certifications (like CEH or CISSP), pop those on the front page to grab attention!

Tailor your portfolio for the role: Even for a full-time role, a portfolio can set you apart. If you've worked on any cybersecurity projects—be it CTF challenges, security assessments, or research papers—include these in your application. This demonstrates not just your skills, but also your hands-on experience!

Use real-world examples: When writing your cover letter, don’t just stick to your qualifications. Share real-world examples of how you’ve tackled security issues or vulnerabilities. This gives the hiring team at Lawfront insight into your practical problem-solving abilities and makes your application memorable.

Demonstrate your passion for cybersecurity: Cybersecurity is an ever-evolving field, so show us that you’re always learning! Mention any recent courses, webinars, or industry events you’ve attended. This not only exhibits your enthusiasm but also signals to Lawfront that you’re committed to staying ahead in the game.

How to prepare for a job interview at Lawfront

Sharpen Your Technical Skills

For a role in cybersecurity, it’s essential to be up-to-date with the latest tools and techniques. Brush up on your knowledge of firewalls, intrusion detection systems, and vulnerability assessment tools. Be ready to discuss specific scenarios where you’ve applied these skills, as hands-on experience can really set you apart in interviews.

Prepare for Scenario-Based Questions

Expect the interviewers at Lawfront to throw in some hypothetical situations to see how you’d handle them. Think about common security breaches or incidents and be prepared to explain how you would respond. This not only shows your problem-solving skills but also your understanding of real-world cybersecurity challenges.

Highlight Your Certifications

Certifications like CompTIA Security+, CISSP, or CEH can give you a significant edge in a full-time role in cybersecurity. Make sure to mention these during your interview and be prepared to discuss what you learned through those certifications and how they relate to the position at Lawfront.

Show Your Passion for Cybersecurity

Since you’re going for a full-time gig, showing genuine enthusiasm for the field can make all the difference. Share any personal projects, blogs, or communities you’re part of that relate to cybersecurity. This not only showcases your passion but also your commitment to staying engaged in this ever-evolving field.