Senior Information Security Risk and Compliance Analyst

DLA Piper
Birmingham, Leeds or London
Closing date
14 Jul 2024

Job Details

The role

The Senior Information Security Risk and Compliance Analyst will lead on identifying, reporting and acting upon Information Security risks.
They will also lead on directing and co-ordinating the response with other groups to help mitigate any threats and risks.
They will ensure security controls are operating effectively and in accordance with regulatory and legislative requirements. 

We are looking for a business-focused and experienced Senior Information Risk and Compliance Analyst to join our growing team.

This is not a hands-on technical role; however, some high-level technical awareness is needed, as you will be working closely with Information Security Operations and IT teams.

Primarily, the activities you’ll be involved in include: 

  • Lead and coordinate all aspects of the security risk assessments including the tracking and remediation processes
  • Clearly document and define risks and potential impacts including mitigation proposals and provide recommendations, challenging where required
  • Manage and maintain the Information Security Risk Register and the risks within it
  • Lead and provide suggestions on decision-making and approvals around risks
  • Lead on creation of key risk management documentation for risk committee
  • Manage and develop independent risk reporting
  • Escalate risks as relevant to appropriate leadership
  • Lead regular risk forums, while also recording and publishing meeting minutes and actions
  • Lead on embedding compliance culture and risk awareness
  • Ensure the risk management policy and frameworks are managed, up to date and quality assessed
  • Train others including junior members of team on risk management and risk processes
  • Support the delivery of responses to client and business requests, including the completion of client and pitch questionnaires
  • Supporting all activities related to the maintenance of the Information Security control frameworks e.g. ISO27001
  • Support of internal and external audits 
  • Working alongside IT, collaborating closely with all other risk teams, 3rd party suppliers, procurement and other business teams where needed 
  • Any other duties defined by the Information Security Assurance Manager 


  • Identification and management of Information Security risks; recommending cross business mitigation plans
  • Excellent knowledge of data security and risk management principles
  • Utilising risk management policies and processes to identify and analyse risk 
  • Writing policies/standards/procedures or other compliance documentation
  • Core IT infrastructure technologies and concepts
  • Excellent written and verbal communication skills

The ideal candidate should have excellent soft skills, understand how to communicate within a large organisation and communicate effectively across various business departments.

Ideally, you will have a good knowledge of information security control frameworks such as ISO27001, ISO27005, NIST, COBIT and/or ISO31000, as well as an awareness of data privacy rules, e.g. the GDPR.

The ideal candidate may hold security certifications such as CRISC, CISA, ISO27001 Lead Auditor or ISO27001 Lead Implementer with other security certifications being beneficial.

The following characteristics are essential:

  • You will be a motivated team player with a flexible, adaptable approach to getting the job done
  • You’ll have previous experience in business facing/client facing roles within Information Security with the ability to act calmly under pressure
  • Be highly organised and self-motivated with genuine passion for Information Security governance
  • You’ll also be able to manage multiple tasks and projects at any one time
  • You will have excellent communication and collaboration skills, and have a pro-active approach
  • Have a desire to develop professionally (yourself and your colleagues)

Key Relationships:

  • Clients/Suppliers
  • Broader Risk and Compliance functions including external parties
  • IT teams across the international firm
  • 2nd and 3rd party auditors
  • Data Privacy team 
  • Procurement 
  • Client facing teams

DLA Piper is a global law firm with lawyers and business service professionals located in more than 40 countries throughout the Americas, Europe, the Middle East, Africa and Asia Pacific. Our global reach ensures that we can help businesses with their legal needs anywhere in the world. We strive to be the leading global business law firm by delivering quality, service excellence and value to our clients and offering practical and innovative legal solutions to help them succeed. Our clients range from multinational, Global 1000, and Fortune 500 enterprises to emerging companies developing industry-leading technologies, as well as government and public sector bodies.

In everything we do connected with our People, our Clients and our Communities, we live by these values:

  • Be Supportive – we are compassionate and inclusive, valuing diversity and acting thoughtfully
  • Be Collaborative – we are proactive, passionate team players investing in our relationships
  • Be Bold – we are fearless and inquisitive, challenging ourselves to think big and find creative new solutions
  • Be Exceptional – we are strategic and driven, exceeding standards and expectations

At DLA Piper, diversity and inclusion underpins how we live our values and everything we do. We believe that everyone has a voice, and that everyone’s voice counts. We know that the rich diversity across our firm makes us stronger, more innovative and creative, which helps us to better serve our clients and communities. We are committed to providing an inclusive working environment and culture across our global firm, where everyone can bring their authentic self to work.

Diversity of perspective, thought, background and culture combine to make us the leading global law firm; that’s why we actively seek to build balanced teams. We welcome the unique contribution that you will bring to our firm and actively encourage applications from all talented people – however your talent is packaged, whatever your background or circumstance and regardless of how you identify.

We recognise that people have responsibilities and interests outside of their career and that as a business, we all benefit from working flexibly. That’s why we are open to discussing with candidates the different ways in which we are able to support requests for agile working arrangements.

In the event that we make an offer to you, and where local legislation permits and where relevant, we will conduct pre-engagement screening checks that may include but are not limited to your professional and academic qualifications, your eligibility to work in the relevant jurisdiction, any criminal records, your financial stability and work-related references.


DLA Piper is a global law firm with lawyers located in more than 40 countries throughout the Americas, Europe, the Middle East, Africa and Asia Pacific, positioning us to help clients with their legal needs around the world.

We strive to be the leading global business law firm by delivering quality and value to our clients, and we achieve this through practical and innovative legal solutions that help our clients succeed.

We’re proud to serve an international client base that includes more than half of the Fortune 250 and nearly half of the FTSE 350 companies. We help the world's top companies with their business-critical issues. Many of the deals we work on are complex and challenging – transcending not just practice areas, but borders, languages and legal systems. With offices throughout the Americas, Europe, the Middle East, Africa and Asia Pacific, we represent more clients in a broader range of geographies and practice disciplines than virtually any other law firm in the world. Our lawyers have wide experience in arbitration, banking, competition and trade, as well as corporate crime and corporate finance. We have strong practices in employment, energy, hospitality and leisure, insurance, intellectual property, litigation, mergers and acquisitions and have developed key teams in pensions, private equity, real estate, tax, and technology.

As a firm we are committed to diversity and to building an inclusive culture for all of our people, where differences are genuinely valued. For us, diversity isn't just about visible differences, it's the unique blend of talents, skills, experiences and perspectives that makes each of us an individual and we know it's crucial to have a culture and environment where those differences are genuinely valued.

Company info
+44 (0)20 7349 0296
160 Aldersgate Street
