Security Project Manager (12 month fixed term contract)

Slaughter and May
London (Central), London (Greater)
Closing date
17 Jul 2022

View more

Vacancy Type
IT, Project management
Contract Type
Experience Level
Role Classification
Other Professional
You need to sign in or create an account to save a job.

Job Details

Who we are 

Slaughter and May is a leading international law firm, advising on high-profile and ground-breaking transactions around the globe. The firm provides clients with a professional service of the highest calibre, combining our technical excellence with an unparalleled commercial awareness and a practical, constructive approach to legal issues.

We are offering you the opportunity to be part of the team that supports our lawyers in providing outstanding legal advice to some of the world’s leading businesses.

At Slaughter and May, we have an underlying sense of pride in who we are and what we do. Our inclusive spirit will ensure your contribution is valued and you will enjoy an open, friendly and supportive culture. As a market leader, we will provide you with excellent benefits, facilities and training opportunities to support you in your career.

Would you like to join one of the world’s most prestigious law firms?

We are offering a fantastic opportunity for a professional, engaging individual to join us as a Security Project Manager, in our leading London-based Technology Team.


The Security Programme Manager will work closely with technical and non-technical stakeholders from the firm’s Technology department (e.g. Information Security & Privacy, Network Engineering, Infrastructure Engineering, Service Desk, Service Management, PMO), the broader firm (e.g. end users impacted by the programme) and external vendors to scope and deliver a series of information security related projects.

These include, but may not be limited to, projects in the following spaces:

Network security. Implementing strong (802.1x certificate-based) Network Access Control across the firm’s Local Area Networks, and reviewing/improving the firm’s approach to network micro-segmentation.

Email security. Implementing Sender Policy Framework (SPF) and/or Domain-based Message Authentication, Reporting & Conformance (DMARC) controls.

Endpoint security. Completing the firm’s deployment of Microsoft Defender for Endpoint, e.g. across the mobile device estate; and working with Infrastructure & Operations to deliver incremental improvements against the firm’s Microsoft Secure Score, e.g. through viability assessment, testing and progressive implementation of further Attack Surface Reduction rules.

Cloud infrastructure security. Improving the firm’s security posture in relation to its use of Microsoft Azure IaaS – e.g. by driving improvements against Azure Secure Score, templating VM images that align to Microsoft/CIS hardening baselines, and creating technical standards and operational processes that deliver a homogeneous IaaS environment.

Identity and Access Management. Includes implementing role-based access control for on premise privileged access; standardising and automating Joiners/Movers/Leavers processes; driving the adoption of Single Sign On and identity federation across disparate SaaS solutions; reviewing and refining the firm’s Conditional Access policies based on analysis of relevant use cases and security risks; and reviewing and improving/replacing the firm’s third party remote access solution.


The Operational teams design, procure, build and manage the firm’s IT infrastructure. The specific purpose of this role will be to manage the Operational teams through the delivery of security projects by:

  • Acting as the focal point, and driving force, for each project.
  • Defining project scope and deliverables, including business/requirements analysis where required.
  • Helping to identify appropriate candidate solutions for the fulfilment of security requirements in conjunction with relevant technical SMEs, external vendors and the broader marketplace, in order to steer stakeholders to consensus.
  • Helping to define and document proposed solutions, in terms of their high-level architecture.
  • Modelling the costs and effort to deliver each project, in order to assist with the production of the relevant business cases and budget submissions.
  • Managing relevant vendors, potentially including conducting market-soundings, facilitating scoping calls, obtaining quotes, managing vendor due diligence and on-boarding, and managing vendor project delivery performance.
  • Defining, maintaining and tracking performance against detailed project delivery plans in each of the time, cost and quality dimensions.
  • Capturing, tracking and managing project risks, issues, assumptions, dependencies and conflicts.
  • Project administration, including the production and maintenance of project documentation and the production and delivery of project status reports.
  • Preparing release-to-production documentation to ensure that the solution delivered can be supported under BAU, including definition of any support / service desk processes required.
  • Monitoring and managing project processes and ensure that any elements which fail in the workflow are remedied.
  • Anticipating, managing and resolving project issues that arise.
  • Tracking and managing project benefits realisation and return on investment.


Candidates for this position must have the following skills:

  • A strong understanding of PDLC processes and the Prince2/Agile methodologies.
  • A track record of successfully managing IT projects – preferably IT security projects specifically – in a complex enterprise IT environment.
  • A good understanding of information security concepts, risks and solutions.
  • A good understanding of the key challenges associated with delivering security projects in each of the spaces identified above.
  • A good understanding of the ITIL framework – particularly how to prepare an IT organisation to support a project deliverable once it is released into production.
  • Excellent written and verbal communication skills.
  • Excellent attention to detail.
  • The ability to work independently and within a team.
  • The ability to take ownership and drive activity across disparate teams.
  • The ability to handle ambiguity and to multitask in order to meet deadlines, across concurrent projects.


Slaughter and May is a leading international law firm recognised throughout the business community for its exceptional legal service, commercial awareness and commitment to clients. We advise on high-profile, ground-breaking and complex transactions and on contentious matters delivering bespoke solutions to clients for over 130 years.

We deliver innovative and bespoke solutions to our clients, domestically and internationally. We provide clear legal advice that spans the globe whilst tackling the cultural nuances between jurisdictions. Our lawyers understand how to coordinate and manage matters in the jurisdictions most relevant to our clients.

Across our four offices in London, Brussels, Beijing and Hong Kong we have 109 partners and over 1300 employees worldwide. We make sure we have the finest lawyers in the market and train them to the highest standards. This means our clients always get advice which is clear, confident and commercial, but also advice which guides and leads them towards a recommended solution. 

We have an underlying sense of pride in who we are and what we do, and our inclusive culture gives rise to a unique diversity of thinking, which is critical to our success and helps maintain our position as a true market leader.

Find Us
+44 (0)20 7600 1200
One Bunhill Row
United Kingdom
You need to sign in or create an account to save a job.

Get job alerts

Create a job alert and receive personalised job recommendations straight to your inbox.

Create alert

Similar jobs