Find a job 
Featured Companies 
Featured Universities 
For Companies At a Glance
- Tasks: Lead business continuity and enhance information security management across multiple jurisdictions.
- Company: Join a leading professional services firm with a focus on innovation and security.
- Benefits: Competitive salary, flexible working options, and opportunities for professional growth.
- Why this job: Make a real impact in safeguarding information security and business continuity.
- Qualifications: Experience in information security management and strong communication skills required.
- Other info: Dynamic role with a culture of continuous improvement and resilience.
The predicted salary is between 48000 - 84000 £ per year.
As a leading professional services firm, we are seeking a highly skilled Information Security Manager to join our Information Security & Risk department. The successful candidate will be responsible for running our business continuity framework alongside maintaining and enhancing our information security management programme. This pivotal role covers planning, testing and training for business continuity, third party security risk management, business impact assessments, ISO 27001 governance, policy management, and internal auditing in line with global best practices.
Key Responsibilities
- Business Continuity Management
- Lead the development, update and ongoing management of the firm’s Business Continuity Plans (BCP), ensuring it remains current and effective across all jurisdictions.
- Organise and conduct BCP tests with local business continuity groups, including documentation, reporting and follow-up of test outcomes.
- Provide business continuity training and run targeted group business continuity sessions for employees.
- Undertake Business Impact Assessments (BIAs) with various teams to ensure understanding and documentation of Recovery Time Objectives (RTOs), Recovery Point Objectives (RPOs), system criticality and dependencies, supporting disaster recovery planning.
- Security and Third Party Risk Management
- Manage and complete information security assessments and Due Diligence Questionnaires (DDQs) received from clients.
- Support outgoing third party assessments, onboarding and risk reviews, including working directly with third parties to address security requirements.
- Oversee third party risk management from a security perspective, ensuring risks are documented, reported and mitigated as appropriate.
- ISO 27001 Governance and Internal Audit
- Support the firm’s ongoing ISO 27001 certification and framework, including continuous improvement of the ISMS (Information Security Management System).
- Develop and maintain the firm’s information security policies and procedures in line with industry best practice and regulatory requirements across all jurisdictions.
- Undertake clause-based auditing, policy reviews and control monitoring as part of the ISO 27001 role.
- Liaise with internal and external auditors and regulatory bodies during information security audits and reviews.
- Training and Awareness
- Deliver induction and information security training for all new joiners to the firm.
- Develop and run targeted information security training and awareness programmes for specific business units.
- Maintain a high level of information security awareness across the business through communications and engagement initiatives.
- Other Responsibilities
- Support the firm’s response to information security incidents, including investigation, documentation and coordination as required.
- Keep abreast of latest trends, threats and technologies; provide advisory and guidance as appropriate.
- Contribute to a culture of continual improvement, integrity, confidentiality and resilience across the firm.
Skills, Knowledge and Expertise
- Proven experience in information security management, business continuity planning and risk management, ideally within a professional services or legal firm environment.
- Experience supporting and/or maintaining ISO 27001 certification and managing an ISMS.
- Strong knowledge of business impact assessments, disaster recovery, RTOs/RPOs, and system criticality mapping.
- Excellent communication and interpersonal skills, with the ability to deliver effective training and collaborate across global teams.
- Analytical and detail-oriented, with a proactive approach to risk identification and mitigation.
- Professional certifications such as CISSP, CISM, ISO 27001 Lead Implementer/Auditor, CBCP, or equivalent are desirable.
Information Security Manager in London employer: Ogier Legal Limited
Contact Detail:
Ogier Legal Limited Recruiting Team
StudySmarter Expert Advice 🤫
We think this is how you could land Information Security Manager in London
✨Tip Number 1
Network like a pro! Reach out to your connections in the industry, attend relevant events, and engage with professionals on platforms like LinkedIn. We all know that sometimes it’s not just what you know, but who you know that can help you land that dream job.
✨Tip Number 2
Prepare for interviews by researching the company and its culture. We recommend practising common interview questions and tailoring your answers to highlight your experience in information security management and business continuity. Show them you’re the perfect fit!
✨Tip Number 3
Don’t forget to follow up after your interviews! A quick thank-you email can go a long way in keeping you top of mind. We suggest mentioning something specific from your conversation to make it personal and memorable.
✨Tip Number 4
Apply directly through our website! It’s the best way to ensure your application gets seen by the right people. Plus, it shows your enthusiasm for the role and the company. Let’s get you that Information Security Manager position!
We think you need these skills to ace Information Security Manager in London
Some tips for your application 🫡
Tailor Your CV: Make sure your CV is tailored to the Information Security Manager role. Highlight your experience in business continuity planning, risk management, and ISO 27001 certification. We want to see how your skills match what we're looking for!
Craft a Compelling Cover Letter: Your cover letter is your chance to shine! Use it to explain why you're passionate about information security and how your background makes you the perfect fit for our team. Keep it engaging and relevant to the job description.
Showcase Your Achievements: Don’t just list your responsibilities; showcase your achievements! Use specific examples of how you've improved processes or managed risks in previous roles. We love seeing quantifiable results that demonstrate your impact.
Apply Through Our Website: We encourage you to apply through our website for a smoother application process. It helps us keep track of your application and ensures you don’t miss any important updates from us. Plus, it’s super easy!
How to prepare for a job interview at Ogier Legal Limited
✨Know Your Stuff
Make sure you brush up on your knowledge of information security management and business continuity planning. Familiarise yourself with ISO 27001 standards and be ready to discuss how you've applied these in past roles. This will show that you're not just a candidate, but someone who truly understands the field.
✨Showcase Your Experience
Prepare specific examples from your previous work that highlight your experience in managing information security assessments and conducting Business Impact Assessments (BIAs). Use the STAR method (Situation, Task, Action, Result) to structure your answers, making it easy for the interviewer to see your impact.
✨Engage with Questions
Don’t forget that interviews are a two-way street! Prepare thoughtful questions about the company’s current information security challenges or their approach to business continuity. This shows your genuine interest in the role and helps you assess if the company is the right fit for you.
✨Communicate Clearly
Since this role involves training and collaboration across teams, practice articulating complex security concepts in simple terms. During the interview, focus on clear communication and demonstrate your interpersonal skills. This will reassure them that you can effectively engage with various stakeholders.
