At a Glance
- Tasks: Lead the firm's information security strategy and manage a small team.
- Company: Join Stewarts, a leading law firm with a focus on innovation.
- Benefits: Competitive salary, professional development, and a supportive work environment.
- Other info: Opportunity to work in London with excellent career advancement potential.
- Why this job: Make a real impact in cybersecurity while growing your career in a dynamic setting.
- Qualifications: Experience in information security and strong leadership skills required.
The predicted salary is between 36000 - 60000 £ per year.
We are looking for an Information Security Manager to join our IT team in London.
Job Responsibilities
- Develop and deliver the firm’s information security strategy and roadmap.
- Provide subject matter expertise and guidance on information security to partners and staff.
- Lead and mentor a small team, fostering professional growth and development.
- Lead the implementation and ongoing management of ISO 27001, including policy and control implementation and stakeholder engagement.
- Own the information security risk management process, including risk assessment, and risk/information asset register maintenance.
- Lead the development, implementation, and review of security policies, standards, and procedures.
- Ensure compliance with ISO 27001 and Cyber Essentials Plus.
- Oversee third-party risk management, including onboarding/offboarding and ongoing due diligence.
- Coordinate and respond to client audits and assurance activities.
- Maintain awareness of the current cyber-risk landscape for the firm and factor into the annual strategic cyber-plan.
Security Operations
- Own and manage the relationship with the firm’s Managed Security Operations Centre (SOC), acting as the primary point of contact, ensuring service levels are met, and coordinating incident response.
- Oversee operational security including server and endpoint protection, M365 security, identity and access management, vulnerability assessments, patching, and system hardening.
- Manage security monitoring activities and support business continuity and disaster recovery initiatives.
- Monitor emerging threats advising the business on risk and required actions.
- Renew the firm’s Cyber Essentials Plus certification on an annual basis.
Security Projects
- Lead the delivery of security projects, ensuring they are completed on time, within scope, and aligned with the firm’s strategic objectives.
- Collaborate with project managers and business stakeholders to integrate security requirements into both IT and non-IT projects ensuring Secure by Design principles are embedded from the outset.
- Work with cross-functional teams to identify, assess, and mitigate security risks in business initiatives.
Stakeholder Engagement
- Acts within boundaries.
- Shows commitment, passion and enthusiasm.
- Is a respectful, reliable and supportive team player.
- Reflects the firm’s culture.
Seniority level: Mid‑Senior level
Employment type: Full‑time
Job function: Legal and Information Technology Law Practice
Location: London, England, United Kingdom
Information Security Manager employer: Stewarts
Stewarts is an exceptional employer, offering a dynamic work environment in the heart of London where innovation and professional growth are at the forefront. As an Information Security Manager, you will have the opportunity to lead a dedicated team while implementing cutting-edge security strategies that protect our clients and enhance your career development. With a strong commitment to employee well-being and a culture that values collaboration and respect, Stewarts provides a unique platform for meaningful and rewarding employment.
StudySmarter Expert Advice🤫
We think this is how you could land Information Security Manager
✨Tip Number 1
Network like a pro! Reach out to your connections in the industry, attend relevant events, and engage with professionals on platforms like LinkedIn. We all know that sometimes it’s not just what you know, but who you know that can help you land that dream job.
✨Tip Number 2
Prepare for interviews by researching the company and its culture. Understand their information security needs and be ready to discuss how your skills align with their goals. We want you to shine, so practice common interview questions and have your own questions ready to show your interest!
✨Tip Number 3
Showcase your expertise! Create a portfolio or a presentation that highlights your past projects and achievements in information security. This will give you an edge and demonstrate your hands-on experience, making it easier for us to see how you can contribute to the team.
✨Tip Number 4
Don’t forget to apply through our website! It’s the best way to ensure your application gets noticed. Plus, we love seeing candidates who take the initiative to engage directly with us. So go ahead, hit that apply button and let’s get the conversation started!
We think you need these skills to ace Information Security Manager
Some tips for your application 🫡
Tailor Your CV:Make sure your CV speaks directly to the Information Security Manager role. Highlight your experience with ISO 27001 and any relevant security projects you've led. We want to see how your skills align with our needs!
Craft a Compelling Cover Letter:Your cover letter is your chance to shine! Use it to explain why you're passionate about information security and how you can contribute to our team. Be sure to mention your leadership experience and your approach to risk management.
Showcase Your Expertise:Don’t hold back on showcasing your subject matter expertise in information security. Mention specific tools, frameworks, or methodologies you’ve used, especially those related to compliance and risk management. We love seeing candidates who are proactive!
Apply Through Our Website:We encourage you to apply through our website for a smoother application process. It helps us keep track of your application and ensures you don’t miss out on any important updates from us!
How to prepare for a job interview at Stewarts
✨Know Your Stuff
Make sure you brush up on the latest trends and best practices in information security, especially around ISO 27001 and Cyber Essentials Plus. Being able to discuss these topics confidently will show that you're not just familiar with the basics but are genuinely passionate about the field.
✨Showcase Your Leadership Skills
Since the role involves leading and mentoring a team, be prepared to share examples of how you've successfully managed teams in the past. Highlight your approach to fostering professional growth and how you handle challenges within a team setting.
✨Prepare for Scenario Questions
Expect questions that ask how you would handle specific security incidents or risk management scenarios. Think through potential situations you might face in this role and prepare structured responses that demonstrate your problem-solving skills and strategic thinking.
✨Engage with Stakeholders
The job requires strong stakeholder engagement, so be ready to discuss how you've effectively communicated with various stakeholders in previous roles. Share examples of how you’ve built relationships and ensured alignment on security initiatives across different teams.
