Job Information

An exciting opportunity for an Information Security Officer / Data Protection Officer to join a leading specialist law firm has arisen. This is a newly created role of which the successful candidate will have full autonomy over. The reason for this role being created is that the company have been through a substantial growth period and this position is key to the business growth strategy.

This position will involve the design and implementation of an information security management system and have confidence in delivering training on this to all departments to ensure it is adopted throughout the firm. The ideal candidate will have experience of a similar role within a professional services background.

The main duties of the Information Security Officer / Data Protection Officer role will include:

• Data security management framework • • Responsible for documenting governance and control framework in respect of Data Security, ensuring all information security strategies are aligned with business objectives.
• • Ensure applicable laws and regulations are adhered to through policies and internal; controls such as : Access Controls, Data Handling, Malware Protection, System Configuration, Personnel Security, Physical Security, Compliance, Disaster Recovery Policy, Business Continuity Policy, Change Management


• Communication of the new approach to cyber risk management throughout the group
• Responsible for handling any reported security incidents, identifying the root cause
• Crisis management and advising on the threat detection, define processed to protect against network attacks and other cyber crimes
• Create Audit framework to verify compliance with Information Security Policies
• Carry out Information Security Risk Assessments
• Manage GDPR programme including: Carry out information audit and data and asset mapping / information flows, update fair processing notices, Assist with maintenance of customer database, Carry out data protection assessment, Responsible for Data Subjects Access Requests and management of Right to be Forgotten
• Ensuring appropriate Disaster Recovery and Business Continuity plans are in place
• Regularly reviewing and updating policies

For this position the candidate must hold a certification such as CISSP / CISM // CISA / CISMP along with a strong academic education (to degree level) and ideally have the right industry experience. It is essential the candidate is a strong character with excellent communications and can be assertive when implementing changes.

This company offers a competitive salary along with an extremely generous benefits package including a performance-based bonus.

For more information on this role please contact Kathryn Ali at Cameron James Professional Recruitment on 0113 242 9411 or email Kathryn.ali@cameron-james.co.uk