Search

Security and Compliance Analyst

companyDentons
locationLondon, UK
PublishedPublished: Published 1 month ago
Compliance Management Systems / Technology
Department: Technology
Duration: 12 month FTC
Location: Any UK Office
Reports to: Head of Information Security UKIME
Reference no: 7092

The Role

The Security & Compliance Analyst is a key role within the UK & Middle East information security team. The Security & Compliance Analyst will be responsible for delivery and maintenance of the client audit process for our clients, the vendor risk assessment process, as well as the IEC/ISO 27001 & PCI certifications. This position will act as a subject matter expert on information security compliance and governance, acting as coordinator and lead analyst for the above-named initiatives.

Candidate Profile

You will be an experienced and highly skilled individual, able to work efficiently, without guidance or supervision. Your stakeholder skills and interpersonal skills will enable you to develop positive relationships across the firm for example dealing with partner-level executives and the office of the General Counsel. Business communication skills are vital and the key to this is being able to translate technical jargon into non-technical speak.

Duties & Responsibilities

  • Develop and enhance the firm's practices and processes to ensure security considerations are implemented in line with ISO standards and client demand.
  • Assist in the development, implementation and communication of policies in conjunction with the Head of Information Security and the IT Director.
  • Respond to client tender information request documents and bids and own the client audit process and make sure the relevant audits are reviewed, communicated, and actioned on time.
  • Oversee the vendor assurance process which involves assessing vendors against the Dentons risk profile using already established assessment tools.
  • Build and maintain key relationships with the relevant business service teams to manage and maintain the client audit process across the firm such as the OGC and Partner level executives.
  • Respond to internal & external questions and queries in relation to the Firm's information security control and governance framework.
  • Provide information security-related advice and guidance to the firm on areas such as compliance and regulation.
  • Assist in the development, implementation and communication of policies in conjunction with the Head of Information Security and the IT Director.
  • Participate in regional and global security and compliance meetings as appropriate.
  • Monitor and raise awareness of potential client / risk-related issues and challenges.
  • Assist with the risk assessing of new systems and integrating information security into the IT Project process and working closely with various members of the IT team to make sure information security risk is considered at every stage gate.
  • Assist the information manager in maintaining the regional information security risk register.
Required Experience, Skills, and Attributes

Technical Skills
  • Good Knowledge of the client audit process used within the legal sector or a professional services environment.
  • Good Knowledge and experience of providing an IEC/ISO 27001 ISMS and PCI Framework.
  • Understanding of data handling best-practices and information management and governance.
  • Understanding of cross-border regulations in regard to data, such as GDPR and EU data privacy rules.
  • As well as IEC/ISO 27000 standard and PCI, knowledge of NIST and CIS is desirable.
  • Ability to stay current with cyber attacker techniques, phishing schemes, emerging threats, breaches, vulnerability, and governance news.
  • Actively contribute to security initiatives to increase employee awareness.
  • Assist in reviewing and redesigning internal processes and systems to ensure information confidentiality, integrity, and availability.
Personal Skills / Attributes
  • Advanced written and oral communication skills and an ability to deal at client and partner levels.
  • Highly motivated, proactive, and outcome orientated.
  • Ability to work closely with other key stakeholders outside of the IT department.
  • Great stakeholder management ability to influence internal and external stakeholders.
  • Ability to effectively prioritise and execute tasks in a high-pressure environment.
  • Extensive experience working in a team-oriented collaborative environment.
  • Keen attention to detail.
  • Smart and professional manner.
Firm Profile

Across more than 80 countries, Dentons helps you grow, protect, operate, and finance your organisation by providing uniquely global and deeply local legal solutions. Polycentric, purpose-driven and committed to inclusion, diversity, equity and sustainability, we focus on what matters most to you. www.dentons.com

Inclusion & Diversity

We are committed to building an inclusive culture here at Dentons where our people can thrive, regardless of their background or circumstance. As well as being the right thing to do, it makes good business sense too. A richness of backgrounds, experiences and perspectives helps us best serve our clients and the communities in which we operate. You can find out more about inclusion and diversity at Dentons on our website.

Equal Opportunities

Dentons is committed to providing equal opportunities for all. We welcome applications from everyone including any age, ethnicity, religion, sex, sexual orientation, gender identity, nationality, neurodiversity, disability, or with parental or caring responsibilities. We also offer flexible working hours.

During the application process, all applicants have the opportunity to tell us about any adjustments or support they require so they are able to perform at their best. Any information you share with us during the application process is treated in confidence.

If you have any questions about this or the role criteria, please email recruitment.matters@dentons.com.

NO AGENCIES PLEASE

If you are interested in applying for this position, we welcome direct applications via our careers page, but if you have any questions beforehand please email recruitment.matters@dentons.com - Enquiries only please, applications will not be accepted via email.

Please note that we will not accept unsolicited CV's sent to the business, nor will we accept any associated terms of business.