Information Security Officer

London, United Kingdom
Ashurst
21 Current Jobs Openings
Apply Now

Job Description

The Opportunity:
The successful candidate will play a crucial role in ensuring the security of our systems and data by evaluating the risks associated with third-party vendors and internal projects and recommending appropriate risk mitigation strategies.
The Information Security Officer will work closely with cross-functional teams, including the IT, Risk & Compliance, project management, and technical teams, to ensure compliance with security standards and best practices.
Key responsibilities of the role include:
Assessing Security Risks (SCTY - Level 4, BURM - Level 4)

  • Conduct vendor risk assessments and project security risk assessments based on established methodologies and frameworks.
  • Evaluate security risks associated with third-party vendors and internal projects, considering factors such as security, privacy, and compliance.
  • Identify vulnerabilities and potential risks and provide recommendations for risk mitigation strategies.
  • Apply knowledge of industry best practices and regulatory requirements to assess and mitigate security risks.
Information Security (SCTY - Level 4)
  • Ensure compliance with security policies, standards, and procedures in vendor relationships and project activities.
  • Develop and maintain security assessment frameworks and methodologies for vendor risk assessments and project security risk assessments.
  • Stay informed about emerging security threats, industry trends, and regulatory requirements related to vendor management and project security.
  • Participate in incident response activities and contribute to security incident investigations and remediation efforts.
Supplier Relationship Management (SUPP - Level 4)
  • Collaborate with procurement teams to assess and manage security risks associated with vendors.
  • Review vendor security documentation, such as questionnaires, audits, and certifications, to evaluate their security posture.
  • Provide guidance to procurement teams regarding security requirements and standards for vendor selection and ongoing monitoring.
Risk Management (BURM - Level 4)
  • Apply risk management principles to identify, assess, and prioritise security risks.
  • Collaborate with project managers and technical teams to assess security risks and propose appropriate risk mitigation strategies.
  • Track and monitor the implementation of security remediation plans.
Security Compliance Management (SCAD - Level 3, SCTY - Level 4, AUDT - Level 4)
  • Conduct periodic reviews and audits to ensure compliance with security policies, standards, and regulatory requirements.
  • Support the development and enforcement of security policies, standards, and procedures related to vendor management and project security.
  • Support Security audit activities conducted by Internal audit, clients and certification bodies e.g. ISO27001
  • Provide security awareness training and guidance to staff as required.
This is a full-time, permanent role based in our London office with hybrid working.
More information can be found in the job description attached to the role on our careers site
About you:
The successful candidate will have:
  • Bachelor's degree in Computer Science, Information Technology, or a related field (or equivalent work experience).
  • Professional certifications such as CISA, CISM, CISSP or similar credentials are preferred.
  • Strong knowledge of information security principles, best practices, and standards (e.g., ISO 27001, NIST).
  • Experience in co-ordinating and participating in Security audits.
  • Experience in conducting vendor risk assessments and project security risk assessments.
What makes Ashurst a great place to work?
We offer you all the things you should expect from an international law firm, some of which include:
  • competitive remuneration with the flexibility to reward high performance;
  • flexible working;
  • corporate health plans;
  • a global professional development offering for all employees; and
  • an industry-leading programme that celebrates diversity and inclusion.
We are committed to delivering positive impacts to our communities through our Social Impact programme.
We aim to recruit, retain and promote the best people from the widest possible talent pools. We are committed to offering a safe and welcoming environment for all employees to ensure they are supported to work at their best.
Beyond this, what sets Ashurst apart from others is our global strength, our drive to innovate and collaborate, and our commitment to excellence. It is these values that make Ashurst a unique place to work.
#LI-HYBRID
Additional Documents
Information Security Officer JD
Speak up!
Ashurst is committed to ensuring an accountable workplace culture. Candidates are encouraged to report any ethical or conduct concerns to our confidential email address: Please note that this email address should not be used for general enquiries about, or applications for, job positions available at Ashurst as they will not be passed onto the relevant team. Any recruitment enquires should be directed to

Skills Required

Law Enforcement
Beware of fraud agents! do not pay money to get a job

MNCJobs.co.uk will not be responsible for any payment made to a third-party. All Terms of Use are applicable.


Related Jobs

Job Detail

  • Job Id
    JD3780253
  • Industry
    Not mentioned
  • Total Positions
    1
  • Job Type:
    Full Time
  • Salary:
    Not mentioned
  • Employment Status
    Permanent
  • Job Location
    London, United Kingdom
  • Education
    Not mentioned
 
 
Jobs by Function
Popular Job Skills
Popular Industries
Popular Cities
Jobseekers
Employers
Home | About Us | Terms & Conditions | Privacy Policy | Help and FAQ | Our Partners | Contact Us
All rights reserved © 2025.