At a Glance
- Tasks: Strengthen information security by overseeing technical assurance testing and managing risk resolutions.
- Company: Join a leading firm focused on enhancing its information security posture.
- Benefits: Competitive salary, professional development, and opportunities for career advancement.
- Why this job: Make a real impact in safeguarding information security while working with cutting-edge technologies.
- Qualifications: Experience in information security, strong knowledge of ISO 27001, and excellent communication skills.
- Other info: Dynamic role with opportunities to collaborate with senior leadership and drive continuous improvement.
The predicted salary is between £36,000 and £60,000 per year.
Reporting to the Information Security Manager, the Information Security Assurance Specialist will play a pivotal role in strengthening the firm’s information security posture. The Specialist will identify where security assurance testing of the firm’s systems and processes is required, commission the required tests from relevant suppliers, and manage their findings through to resolution. The Specialist will also provide security assurance in relation to the IT project and change management lifecycles by identifying security requirements, reviewing project design documentation, and working with technical stakeholders to mitigate information security risks associated with technical change requests. The successful candidate will be a proactive and motivated individual with the ability to quickly grasp technical concepts and effectively communicate information security risks to a range of stakeholders. A strong background in information security within professional or financial services is essential.
KEY RESPONSIBILITIES
- Plan, scope, commission and oversee a wide range of technical assurance testing, including:
  - Penetration tests of IT project deliverables as they approach release to production.
  - The baseline annual penetration test of the firm’s core systems and IT infrastructure.
  - Other offensive security testing, such as physical penetration tests and social engineering exercises (e.g. vishing), to provide assurance in relation to non-technical security controls.
- Helping to define what security testing the firm requires and when.
- Pre-empting and pre-defining typical information security requirements for projects.
CANDIDATE PROFILE
Candidates for this position must have:
- Strong experience in an information security or technical cyber security role, ideally within a regulated environment or an organisation aligned to ISO 27001.
- Strong knowledge of ISO 27001 and Cyber Essentials Plus standards.
- A self-motivated, results-driven mindset with a strong sense of ownership and accountability.
- Excellent organisational skills, with the ability to prioritise effectively in a fast-paced environment.
- Intellectual curiosity and a commitment to continuous improvement, including researching new ideas and validating them through testing.
- Proven ability to collaborate effectively, build strong professional relationships, and communicate confidently with senior leadership.
Information Security Assurance Specialist in London employer: Slaughter and May
Contact Detail:
Slaughter and May Recruiting Team
StudySmarter Expert Advice 🤫
We think this is how you could land Information Security Assurance Specialist in London
✨Tip Number 1
Network like a pro! Reach out to folks in the information security field on LinkedIn or at industry events. A friendly chat can lead to opportunities that aren’t even advertised yet.
✨Tip Number 2
Show off your skills! Create a portfolio showcasing your past projects, especially those related to security assurance testing. This gives potential employers a taste of what you can bring to the table.
✨Tip Number 3
Prepare for interviews by brushing up on common security scenarios and how you’d handle them. Be ready to discuss your experience with ISO 27001 and Cyber Essentials Plus – they’ll want to know you’ve got the chops!
✨Tip Number 4
Don’t forget to apply through our website! It’s the best way to ensure your application gets seen by the right people. Plus, we love seeing candidates who are proactive about their job search.
Some tips for your application 🫡
Tailor Your CV: Make sure your CV speaks directly to the role of Information Security Assurance Specialist. Highlight your experience in information security, especially within professional or financial services, and showcase any relevant certifications like ISO 27001.
Craft a Compelling Cover Letter: Your cover letter is your chance to shine! Use it to explain why you're passionate about information security and how your skills align with our needs. Don’t forget to mention your proactive approach and ability to communicate risks effectively.
Showcase Your Technical Skills: We want to see your technical chops! Include specific examples of security assurance testing you've managed or participated in, such as penetration tests or risk assessments. This will help us understand your hands-on experience.
Apply Through Our Website: We encourage you to apply through our website for a smoother application process. It’s the best way for us to receive your application and keep track of it. Plus, it shows you’re keen on joining our team!
How to prepare for a job interview at Slaughter and May
✨Know Your Stuff
Make sure you brush up on your knowledge of ISO 27001 and Cyber Essentials Plus standards. Be ready to discuss how you've applied these in previous roles, especially in a regulated environment. This shows you're not just familiar with the concepts but can also implement them effectively.
✨Showcase Your Problem-Solving Skills
Prepare examples of how you've identified and mitigated information security risks in past projects. Use the STAR method (Situation, Task, Action, Result) to structure your answers. This will help you demonstrate your proactive approach and ability to manage risks effectively.
✨Communicate Clearly
Since you'll be working with various stakeholders, practice explaining complex technical concepts in simple terms. Think about how you would communicate security risks to someone without a technical background. This will highlight your ability to bridge the gap between technical and non-technical teams.
✨Be Ready for Scenario Questions
Expect scenario-based questions that test your decision-making skills in real-world situations. Prepare by thinking through potential challenges you might face in this role, such as managing findings from penetration tests or collaborating with IT Architecture on design documentation.