Senior IT Security and Compliance Administrator

London (Central), London (Greater)
16 Apr 2018
21 May 2018
Role Classification
Other Professional
Contract Type

The firm

Dentons is always looking to invest in the highest-quality talent, recognising that our success is built on the diverse and unique strengths of each of the members of our Firm.

Dentons is the world's largest law firm, delivering quality and value to clients around the globe. Dentons is a leader on the Acritas Global Elite Brand Index, a BTI Client Service 30 Award winner and recognized by prominent business and legal publications for its innovations in client service, including founding Nextlaw Labs and the Nextlaw Global Referral Network. Dentons' polycentric approach and world-class talent challenge the status quo to advance client interests in the communities in which we live and work.

The department

Our team of business services staff play a significant role in the success of Dentons, and we recruit staff into a wide variety of areas. Here, we look for focused, flexible individuals from a variety of backgrounds who are team players. Previous experience within the legal sector is not essential. We want to give everyone the opportunity to develop his or her potential fully and, therefore, provide support, training and encouragement to members of staff at all levels.

Purpose of role

The Senior Security and Compliance Administrator is responsible for maintaining security posture, protecting data and managing risk. You will play a key role in maintaining our Cyber Essentials Plus, ISO9001 and ISO27001 certification. This position will act as a subject matter expert and project coordinator for Information Security within the UK and Middle East regions.


  • Manage, maintain and expand our ISO9001 and ISO27001 certification

  • Develop, evaluate, implement and update related policies and procedures

  • Support and respond to internal and external audit activities

  • Assess and audit internal departments against the Information Security and Quality frameworks to ensure standards are continually met

  • Respond to client tender information request documents and bids, ensuring compliance

  • Project manage and maintain the Cyber Essentials Plus accreditation

  • Assist with the creation, update and maintenance of security program documentation

  • Log and respond appropriately to all information security incidents

  • General administration relating to information security, data protection and risk management

  • Provide information security advice to the business

  • Assist with risk assessing new systems and suppliers

  • Participate in change and problem management

  • Assist with business continuity and incident response

  • Assist with security vendor management and security budget

  • Collaborate and implement improved authentication, authorisation and encryption solutions for on premise, cloud and remote access systems

  • Participate in the On Call Rota

Required experience, skills and attributes

Technical Skills

  • Expert knowledge and experience of ISO9001, ISO27001 and Cyber Essentials Plus

  • Understanding of data handling best-practices and information management and governance

  • Knowledge and expertise of cross-border regulations, such as GDPR and EU data privacy rules

  • Broad understanding of technology and legal applications preferred but not mandatory

  • Extensive information security experience, across broad security domains

  • Experience in security monitoring, detection, prevention and control systems

  • Ability to stay current with hacker techniques, phishing schemes, emerging threats, breach, vulnerability and governance news

  • Very good analytic skills, having the ability to analyse data from a high level view

  • Hands on technical security experience with Windows Desktop and Server Environments

  • A good understanding of endpoint security and application white listing

  • Understanding of gateway security, intrusion prevention, proxy and firewalls

  • Experience with patch and vulnerability management

  • Knowledge of Identity, access, multi factor authentication and single sign on

  • Knowledge of Mobile device management

  • Experience with Security information and event monitoring (SIEM)

  • CISSP/SSCP/CISA/CISM certification preferred

Personal Skills / Attributes

  • Excellent written and oral communication skills

  • Highly motivated, proactive and outcome orientated

  • Ability to work closely with other key stakeholders outside of the IT department

  • Strong ability to influence internal and external stakeholders

  • Self-starter that takes ownership of identified issues

  • Analytical, evaluative, and problem-solving abilities

  • Ability to effectively prioritise and execute tasks in a high-pressure environment

  • Extensive experience working in a team-oriented collaborative environment

  • Keen attention to detail

  • Smart and professional manner

  • Can carry out all responsibilities in a way which supports the practices values and promotes its equal opportunities and diversity principles

  • Able to be an ambassador for Dentons being professional in outlook, attitude and appearance

Language Capabilities

We are a truly global law firm and as such, always welcome hearing from those with foreign language capabilities.

Equal opportunities

Dentons is committed to providing equal opportunities for all. If, as a result of a disability, you believe that there are aspects of the recruitment process or job that you would find more difficult than a non-disabled person, please tell us as soon as possible. We will then be able to discuss with you any reasonable adjustments that could be made to the recruitment process or the job itself.

Similar jobs

Similar jobs