Chief Information Security Officer (0576)

Chief Information Security Officer (0576)

Full-Time 80000 - 100000 £ / year (est.) No working from home possible
M

At a Glance

  • Tasks: Lead and shape the firm's cyber security strategy while promoting a security-first culture.
  • Company: Dynamic firm focused on embedding best practices in information security.
  • Benefits: Competitive salary, professional development, and opportunities for travel.
  • Other info: Collaborative environment with opportunities for continuous professional growth.
  • Why this job: Make a real impact by protecting vital information assets and leading security initiatives.
  • Qualifications: Degree-level education and significant experience in cyber or information security.

The predicted salary is between 80000 - 100000 £ per year.

Join us to lead and influence the firm's cyber security and information security programme, ensuring best practice is embedded at every level.

The role Reporting to the Chief Technology Officer, this is a fantastic opportunity to shape and drive the firm's information and cyber security strategy.

Acting as a trusted advisor to stakeholders across the business, you will promote a strong security‑first culture, embed best practices, and play a key role in protecting the firm's information assets.

You will lead the ongoing development and management of the firm's Information Security Management System (ISMS), maintain ISO 27001 and Cyber Essentials Plus accreditation, and oversee security policies, controls, audits, testing, and compliance activities.

Working closely with the IT team, you will identify emerging cyber threats, strengthen security awareness across the firm, and ensure robust, effective security practices are embedded throughout the organisation.

The person Degree‑level education (or equivalent experience) and a professional cyber/information security qualification, or a commitment to achieving one.

Significant experience in cyber or information security, with strong knowledge of ISO 27001, risk management, and audit principles.

Excellent communication and stakeholder management skills, with the ability to engage senior leaders, lead forums, and present board‑level reports.

Strong attention to detail, analytical thinking, and a logical, systematic approach to solving complex security challenges.

Proactive and collaborative style, with the ability to explain technical concepts clearly, build relationships, and drive engagement across the business.

Committed to continuous professional development, with the flexibility to travel between offices and respond to the evolving demands of the role.

The activities Lead and deliver information and cyber security awareness, training, and education initiatives across the firm.

Support client audits, supplier assurance questionnaires, and tender responses by providing information security expertise.

Manage the response to cyber security incidents, leading investigations, corrective actions, and lessons learned.

Develop and maintain the firm's internal information security audit programme, ensuring actions are effectively implemented.

Oversee and continually improve the firm's Information Security Management System (ISMS) and ISO 27001 compliance.

Lead security risk assessments, maintain the risk register, and ensure emerging risks are effectively managed.

Develop, implement, and monitor information security policies, procedures, and controls in collaboration with key stakeholders.

Work closely with IT, Risk

M

Contact Details:

Mills & Reeve Recruitment Team

We think you need these skills to ace Chief Information Security Officer (0576)

Cyber Security Strategy
Information Security Management System (ISMS)
ISO 27001
Cyber Essentials Plus
Risk Management
Audit Principles
Stakeholder Management