At a Glance
- Tasks: Lead the implementation of ISO 27001 and manage information security across the firm.
- Company: Dynamic legal firm with a focus on information security and governance.
- Benefits: Great company-wide benefits, hybrid working, and opportunities for growth.
- Other info: Join a global business and thrive in a fast-paced environment.
- Why this job: Take ownership in a high-impact role and shape the firm's security culture.
- Qualifications: Strong knowledge of ISO 27001 and experience in professional services.
The predicted salary is between 50000 - 65000 € per year.
We're looking for an experienced information security professional to take ownership of the implementation and long-term management of the firm's Information Security Management System (ISMS). This is a high-impact role crossing IT, Risk, Operations and Professional Standards, with responsibility for embedding ISO 27001 across the business, driving audit readiness, strengthening governance frameworks, and championing a strong information security culture.
The Role
- Leading ISO 27001 implementation, governance and continuous improvement
- Managing internal and external audit activity
- Owning ISMS documentation, controls and policies
- Driving risk identification, treatment and monitoring
- Supporting wider governance and compliance initiatives
- Acting as the go-to SME for ISO 27001 across the organisation
About you
- Strong working knowledge of ISO 27001
- Ideally you have experience in a law firm – must be in professional services
- Experience implementing and maintaining compliant ISMS frameworks
- Excellent stakeholder management skills
- Strong governance, documentation and audit experience
- Ability to work cross-functionally within a fast-paced environment
What's in it for you?
- Great company wide benefits
- A brilliant opportunity for someone wanting real ownership and visibility
- Opportunity to work in a global business
- Grow with the firm as they continue expanding
- Hybrid and Flexible working
Information Security Officer - Legal in Birmingham employer: QED Legal LLP
As an Information Security Officer at our Birmingham office, you will join a dynamic and supportive work culture that prioritises employee growth and development. With hybrid working options and a commitment to fostering a strong information security culture, we offer competitive benefits and the chance to take ownership of impactful projects within a global firm. This role not only provides visibility and responsibility but also positions you at the forefront of our continuous improvement initiatives in a fast-paced professional services environment.
StudySmarter Expert Advice🤫
We think this is how you could land Information Security Officer - Legal in Birmingham
✨Tip Number 1
Network like a pro! Reach out to your connections in the legal and information security fields. Attend industry events or webinars to meet potential employers and get your name out there. Remember, it’s all about who you know!
✨Tip Number 2
Prepare for interviews by brushing up on ISO 27001 and its practical applications. Be ready to discuss how you've implemented ISMS frameworks in the past. Show them you’re not just familiar with the standards, but that you can bring real value to their team.
✨Tip Number 3
Don’t underestimate the power of follow-ups! After an interview, send a quick thank-you email to express your appreciation and reiterate your interest in the role. It keeps you fresh in their minds and shows your enthusiasm.
✨Tip Number 4
Apply through our website for the best chance at landing that job! We want to see your application directly, and it helps us keep track of all the amazing candidates like you. Plus, it’s super easy and straightforward!
We think you need these skills to ace Information Security Officer - Legal in Birmingham
Some tips for your application 🫡
Tailor Your CV:Make sure your CV speaks directly to the role of Information Security Officer. Highlight your experience with ISO 27001 and any relevant work in professional services, especially if you've been in a law firm. We want to see how your skills align with what we're looking for!
Craft a Compelling Cover Letter:Your cover letter is your chance to shine! Use it to explain why you're passionate about information security and how you can contribute to our ISMS. Be sure to mention specific examples from your past roles that demonstrate your governance and audit experience.
Showcase Your Stakeholder Management Skills:In this role, you'll be working with various teams, so it's crucial to highlight your stakeholder management skills. Share examples of how you've successfully collaborated across departments in previous positions. We love seeing teamwork in action!
Apply Through Our Website:We encourage you to apply through our website for a smoother application process. It helps us keep everything organised and ensures your application gets the attention it deserves. Plus, it’s super easy!
How to prepare for a job interview at QED Legal LLP
✨Know Your ISO 27001 Inside Out
Make sure you have a solid understanding of ISO 27001 and its implementation. Brush up on the key principles, controls, and documentation requirements. Being able to discuss specific examples from your experience will show that you're not just familiar with the standard but can also apply it effectively.
✨Showcase Your Stakeholder Management Skills
Prepare to discuss how you've successfully managed stakeholders in previous roles. Think about specific instances where you navigated complex relationships or drove change across departments. This will demonstrate your ability to work cross-functionally, which is crucial for this role.
✨Be Ready for Audit Discussions
Since audit readiness is a big part of the job, be prepared to talk about your experience with internal and external audits. Highlight any challenges you faced and how you overcame them. This will show that you understand the importance of governance and compliance in maintaining an effective ISMS.
✨Emphasise Your Continuous Improvement Mindset
Talk about how you've contributed to continuous improvement in past roles. Whether it's refining processes or enhancing security measures, showcasing your proactive approach will resonate well. It’s all about demonstrating that you’re not just maintaining standards but actively looking to elevate them.
