Find a job 
Featured Companies 
Featured Universities 
For Companies At a Glance
- Tasks: Strengthen security posture through governance, policy, and assurance in a prestigious law firm.
- Company: Join a leading international law firm with a focus on innovation and security.
- Benefits: Competitive salary, professional development, and a dynamic work environment.
- Why this job: Make a real impact on security assurance and influence outcomes from the start.
- Qualifications: 4+ years in information security, strong knowledge of ISO 27001, and experience in regulated environments.
- Other info: Strategic role with excellent career growth opportunities in a collaborative team.
The predicted salary is between 48000 - 72000 £ per year.
We are partnering with a prestigious international law firm to hire an Information Security Assurance Specialist to join its Information Security and Privacy team within the wider Legal, Risk, and Compliance function, based in London. This is a newly created role reporting to the Information Security Manager, focused on strengthening the firm’s security posture. The role sits firmly in the second line of defence, with an emphasis on governance, policy, and assurance rather than day‑to‑day operations.
The core focus is security assurance testing, particularly penetration testing. You will ensure testing is appropriately scoped, meaningful, and followed through to resolution. You will also embed security assurance into IT projects and change initiatives by defining security requirements, reviewing designs, and working with technical teams to mitigate security risks arising from change. A key aspect of the role is early engagement with projects. You’ll partner with architects, business analysts, and DevOps teams to challenge designs and influence security outcomes from the outset. The role requires strong technical understanding, without hands‑on engineering.
Key Responsibilities- Supporting architecture and design reviews
- Ensuring systems align with InfoSec policies and standards
- Helping evolve assurance frameworks as new technologies are adopted
- Supporting ISO 27001 certification and policy development
This is a strategic role with a broad, firm‑wide view rather than ownership of a single product or platform.
Required Experience- 4+ years’ experience in information security or technical cyber security
- Strong knowledge of ISO 27001 and Cyber Essentials Plus (auditor or implementer experience desirable)
- Experience in regulated or private‑sector environments (law firm experience advantageous; FS/banking backgrounds welcome)
- Understanding of Lines of Defence models and second‑line assurance roles
Please note our advertisements use PQE/salary levels purely as a guide. However, we are happy to consider applications from all candidates who are able to demonstrate the skills necessary to fulfil the role.
Please note that your personal information will be treated in accordance with our Privacy Policy.
Information Security Assurance Specialist employer: Taylor Root Dusseldorf
Contact Detail:
Taylor Root Dusseldorf Recruiting Team
StudySmarter Expert Advice 🤫
We think this is how you could land Information Security Assurance Specialist
✨Tip Number 1
Network like a pro! Reach out to folks in the industry, especially those working in law firms or security roles. A friendly chat can open doors and give you insights that job descriptions just can't.
✨Tip Number 2
Get your hands on some real-world scenarios. Brush up on your penetration testing skills and maybe even run through some mock assessments. This will not only boost your confidence but also show potential employers that you're ready to hit the ground running.
✨Tip Number 3
Tailor your approach for each interview. Research the firm’s current security posture and think about how you can contribute to their goals. Bring specific examples of how you've tackled similar challenges in the past to the table.
✨Tip Number 4
Don’t forget to apply through our website! It’s the best way to ensure your application gets seen by the right people. Plus, we love seeing candidates who are proactive about their job search!
We think you need these skills to ace Information Security Assurance Specialist
Some tips for your application 🫡
Tailor Your CV: Make sure your CV is tailored to the Information Security Assurance Specialist role. Highlight your experience with ISO 27001 and any relevant projects you've worked on. We want to see how your skills align with our needs!
Craft a Compelling Cover Letter: Your cover letter is your chance to shine! Use it to explain why you're passionate about information security and how you can contribute to our team. Be sure to mention your experience in regulated environments, as that’s a big plus for us.
Showcase Your Technical Knowledge: In your application, don’t shy away from showcasing your technical understanding of security assurance testing and governance. We’re looking for someone who can engage early with projects, so let us know how you’ve done this in the past!
Apply Through Our Website: We encourage you to apply through our website for a smoother process. It helps us keep track of applications and ensures you get all the updates directly from us. Plus, it shows you’re keen on joining our team!
How to prepare for a job interview at Taylor Root Dusseldorf
✨Know Your Stuff
Make sure you brush up on your knowledge of ISO 27001 and Cyber Essentials Plus. Be ready to discuss how you've applied these standards in previous roles, especially in regulated environments. This will show that you understand the importance of governance and assurance.
✨Showcase Your Strategic Thinking
Since this role is all about strengthening security posture, be prepared to talk about how you've influenced security outcomes in past projects. Think of examples where you engaged early with teams to challenge designs and mitigate risks. This will highlight your proactive approach.
✨Understand the Lines of Defence
Familiarise yourself with the Lines of Defence model and be ready to explain how the second line of defence operates. Discuss your experience in assurance roles and how you’ve supported architecture and design reviews to ensure compliance with InfoSec policies.
✨Ask Insightful Questions
Prepare some thoughtful questions about the firm's current security challenges and their approach to embedding security assurance into IT projects. This shows your genuine interest in the role and helps you gauge if the firm’s culture aligns with your values.
