At a Glance
- Tasks: Support governance, lead audits, and enhance security resilience across various jurisdictions.
- Company: Join a forward-thinking law firm on a major cyber transformation journey.
- Benefits: Enjoy a hybrid work model, competitive salary, and strong UK benefits.
- Why this job: Be part of a strategic cyber investment with a focus on innovation and security.
- Qualifications: Experience in information security or compliance; knowledge of ISO 27001 is essential.
- Other info: Certifications like CISMP or CISSP are a bonus; flexible working options available.
The predicted salary is between £55,729 and £65,729 per year.
Hybrid (Cheltenham, 3 Days Onsite + Flexible Working) | £55,729–£65,729 + Strong UK Benefits | Strategic Cyber Investment
Be part of a forward-thinking law firm undergoing a major cyber transformation. As an Information Security Analyst, you’ll support governance, lead audits, and build security resilience across multiple jurisdictions.
What You’ll Be Doing
- Maintain and improve the ISMS, including policies, procedures, and guidelines
- Ensure ongoing ISO 27001:2022 alignment across UK and international offices
- Conduct internal audits, lead remediation efforts, and support third-party reviews
- Run supplier due diligence and respond to client risk assessments
- Investigate and escalate incidents, contributing to ongoing threat awareness
- Deliver awareness training and drive adoption of secure behaviours
What You’ll Bring
- Experience in information security or compliance-based roles
- Knowledge of ISO 27001, Cyber Essentials, NIST or similar frameworks
- Ability to communicate and collaborate across business functions
- Comfortable working in cloud and Microsoft 365 environments
- Certifications like CISMP, CISSP or ISO 27001 Lead Auditor are a bonus
Information Security Analyst employer: Locke and McCloud
Contact Detail:
Locke and McCloud Recruiting Team
StudySmarter Expert Advice 🤫
We think this is how you could land the Information Security Analyst role
✨Tip Number 1
Familiarise yourself with ISO 27001:2022 and other relevant frameworks. Understanding these standards will not only help you in interviews but also demonstrate your commitment to the role and its requirements.
✨Tip Number 2
Network with professionals in the information security field, especially those who have experience in law firms or similar environments. Engaging with them can provide insights into the specific challenges and expectations of the role.
✨Tip Number 3
Stay updated on the latest trends and threats in cybersecurity. Being knowledgeable about current issues will allow you to speak confidently about how you can contribute to the firm's security resilience during discussions.
✨Tip Number 4
Prepare to discuss your experience with audits and compliance in detail. Be ready to share specific examples of how you've led remediation efforts or improved security processes in previous roles.
Some tips for your application 🫡
Tailor Your CV: Make sure your CV highlights relevant experience in information security and compliance. Emphasise your knowledge of ISO 27001 and any certifications you hold, such as CISMP or CISSP.
Craft a Compelling Cover Letter: In your cover letter, explain why you're passionate about information security and how your skills align with the role. Mention specific experiences that demonstrate your ability to maintain ISMS and conduct audits.
Showcase Your Technical Skills: Detail your familiarity with cloud environments and Microsoft 365 in your application. Provide examples of how you've successfully implemented security measures or conducted risk assessments in previous roles.
Highlight Soft Skills: Communication and collaboration are key in this role. Include examples of how you've worked across different business functions to drive security awareness and secure behaviours within an organisation.
How to prepare for a job interview at Locke and McCloud
✨Showcase Your Knowledge of Security Frameworks
Make sure to highlight your understanding of ISO 27001, Cyber Essentials, and NIST during the interview. Be prepared to discuss how you've applied these frameworks in previous roles and how they can benefit the firm.
✨Demonstrate Your Audit Experience
Since the role involves conducting internal audits and leading remediation efforts, be ready to share specific examples of audits you've led or participated in. Discuss the challenges you faced and how you overcame them.
✨Communicate Effectively Across Functions
The ability to collaborate with various business functions is crucial. Prepare to discuss instances where you've successfully communicated security policies or collaborated on projects with different teams.
✨Prepare for Scenario-Based Questions
Expect scenario-based questions that assess your problem-solving skills in real-world situations. Think about past incidents you've managed and how you escalated issues or contributed to threat awareness.