Information Security Analyst
Are you looking to be part of a progressive and innovative team to supporting our information security management system?
About the role
Reporting to the Information Security Manager, you will help to support a robust programme of information security assurance activity ensuring that issues are identified, reported, addressed/escalated or accepted as appropriate. The role will involve some travel to other CMS sites, sometimes with short notice periods.
You will be a key part of the team with a range of responsibilities, these will include:
- Ensuring that any vulnerabilities identified are processed in accordance with the information security risk framework including; risk analysis, identifying and applying appropriate controls, recording, reviewing and approval.
- Investigating actual or potential security events/incidents.
- Maintaining compliance in line with relevant security standards such as ISO 27001, NIST Cyber Security Framework and regulation such as the GDPR.
- Supporting the business in the tracking and resolution of security issues.
- Carrying out annual policy/procedure reviews, asset management reviews and physical site reviews
- Documenting reviews in order to improve understanding of policy compliance across the firm and identify areas in need of improvement.
- Providing support and guidance to asset/risk owners in relation to information security responsibilities.
- Working with internal stakeholders to deliver security assurance through responses to due diligence questionnaires/assessments, maintenance of supporting documentation/accreditations, and support to clients.
- Developing a strong understanding of security threats, new technology and the associated security controls.
- Recommending, developing and delivering opportunities to improve team processes for enhanced client delivery.
Ideal candidates will be educated to degree level from a legal or professional services background. You should have solid experience in information security and have have a broad knowledge and understanding of IT concepts and architectures. You will have obtained an industry recognised information security risk qualifications such as CRISC or working towards such qualification.
You will have knowledge of SIEM, Mobile Device Management and Cloud technology. Have experience of working to an ISO27001 aligned framework and an understanding of ITIL (preferable) and the desire to build own information security knowledge.
This role will be ideal for someone who is a self-motivated individual with flexible approach to working. You will have excellent interpersonal skills with the ability to converse with both technical and non-technical business stakeholders at all levels.
CMS is an international law firm with market leading businesses throughout Europe, The Middle East, Asia and beyond.
Ranked as the world’s 6th largest law firm by lawyer headcount and 6th largest in the UK by revenue, CMS works with clients in 42 countries from 74 offices worldwide.
A future facing law firm CMS is well equipped to help our clients face the future with confidence. We are driven by technology and readily embrace the possibilities it opens up for developing new and better ways of delivering legal services. And we recruit, value and nurture top talent.
CMS is committed to promoting equal opportunities in employment, to not only adhere to current employment law, but to harness the full potential of our staff and ensure that all individuals are treated fairly and with respect. To meet this aim CMS endeavours to treat all staff and job applicants equally, on the basis of merit and the ability to do their job. Everybody will be treated equally regardless of race, colour, age, religion or belief, gender, gender identity, gender expression, marital or civil partner status, ethnic or national origin, physical or mental disability, sexual orientation, and pregnancy or maternity status (“Protected Characteristics”).
For further information about CMS’ diversity initiatives and programmes, please click here to view the diversity pages on our website.
How to apply
If you are interested please apply online. If you have any queries, please contact Tahira Choudhry, Recruitment Advisor.
Please note that CMS have a preferred agency panel in place. Only applications submitted via the portal at the point of instruction will be accepted.