Information Security Officer - Risk and Audit

Taunton
2 weeks ago
Create job alert

Information Security Officer - Risk and Audit

Permanent - £38k - £42k

Location - Hybrid based out of either Taunton or Bristol

Sponsorship and short-term visa applicants cannot be considered. Sorry!

Your new company

A leading law firm with numerous offices across the UK, who have numerous initiatives and projects in place to improve the positive impact the business has on environmental, social and governance.

Your new role

You will be reporting to the Head of Information Security and Data Protection. You will be responsible for a number of important functions within the Information Security and Data Protection Team, including:

Conducting internal ISO27001 audits, with a focus on Information Security, IT, and technology.
Assisting with conducting risk assessments and due diligence checks for projects, new technology and suppliers.
Conducting meetings with risk and project owners to ensure risks and audit outcomes are managed to completion.
Promoting discussion on potential solutions for information security improvements.
Helping to improve information security awareness throughout the firm through training and practical advice.
Assisting the Infosec and Data Protection team in monitoring changes in the risk landscape through learning and knowledge sharing.
Keeping audit, risk and procedural documentation up to date.
Due to being a part of a small team, you will need flexibility in being able to administrate infosec incidents and assist with other IS/DP projects. What you'll need to succeed

You will have an IT-based information security experience and an understanding of data privacy. Ideally, you will also have

ISO27001 audit experience and/or experience in IT risk assessments or supplier due diligence.
Strong stakeholder engagement skills.
The ability to work re- and proactively when it comes to information security risks.
Strong verbal and written communication skills.What you'll get in return

Salary of £38k-£40k
Flexible working
'Mainly remote' role - once a month(ish) team meet ups, and ability to be on site should there be a major breach or incident. What you need to do now

If you're interested in this role, click 'apply now' to forward an up-to-date copy of your CV, or call us now.
If this job isn't quite right for you, but you are looking for a new position, please contact us for a confidential discussion about your career.

Hays Specialist Recruitment Limited acts as an employment agency for permanent recruitment and employment business for the supply of temporary workers. By applying for this job you accept the T&C's, Privacy Policy and Disclaimers which can be found at (url removed)

Related Jobs

View all jobs

Information Security Officer

Information Security Officer - Risk and Audit

Information Security Officer (ISO)

Information Security Officer - Marlin Selection

Regional Information Security Officer

Chief Information Security Officer

Get the latest insights and jobs direct. Sign up for our newsletter.

By subscribing you agree to our privacy policy and terms of service.

Industry Insights

Discover insightful articles, industry insights, expert tips, and curated resources.

Jobs

Common Pitfalls Cyber Security Job Seekers Face and How to Avoid Them

The cyber security industry in the UK and worldwide is experiencing rapid growth. With cyber attacks growing in sophistication and frequency, organisations are investing more resources than ever into defending their digital assets. From penetration testers and threat analysts to security architects and compliance officers, cyber security professionals are in high demand across a variety of sectors—including finance, healthcare, government, and retail. Yet, in spite of this high demand, the process of landing a cyber security role can be more challenging than many candidates anticipate. The stakes are high: prospective employers entrust cyber professionals with their most sensitive data, their compliance posture, and often their core business operations. Therefore, they’re looking for candidates who can demonstrate not just technical know-how, but also excellent communication, adaptability, and an awareness of the broader business context. In this article, we’ll explore the most common pitfalls that cyber security job seekers face, especially in the UK market, and how to avoid them. Whether you’re a recent graduate, a professional transitioning from a different field, or an experienced practitioner aiming for a senior role, these insights will help you stand out and secure the opportunities that fit your skill set and career goals.

Careers

Career Paths in Cybersecurity: From Entry-Level Roles to Leadership and Beyond

Cybersecurity has emerged as one of the most critical and fastest-growing fields in technology today. With data breaches and ransomware attacks making headlines, organisations of all sizes and in every sector are recognising the urgent need for robust cybersecurity measures. As a result, professionals with the right mix of technical and strategic skills are in high demand—offering competitive salaries, diverse career paths, and ample opportunities for progression. How do you begin a career in cybersecurity, and how can you advance from technical roles to leadership positions? In this in-depth guide, we explore the cybersecurity career ladder, outlining roles at entry, mid, and senior levels, as well as the key skills, qualifications, and experiences you’ll need to climb it. Whether you’re an aspiring cybersecurity analyst, a seasoned penetration tester, or an IT professional looking to pivot, this article will help you understand the paths available and how to chart your course towards success in the thriving UK cybersecurity market.

Jobs

Job-Hunting During Economic Uncertainty: Cyber Security Edition

The cybe rsecurity sector sits at the forefront of today’s digital landscape, defending businesses and governments alike from increasingly sophisticated threats. From incident response and network security to cloud protections and zero-trust architectures, cyber security professionals tackle an ever-evolving array of challenges. Yet, even this mission-critical field is not immune to economic turbulence. When broader financial markets experience uncertainty—whether through global recessions, regional downturns, or unexpected macro events—the hiring climate can shift, making roles more selective and budgets tighter. For job seekers in cyber security, this can be disconcerting. You might discover that once-abundant vacancies have become scarce, competition for the remaining positions is fiercer, or company priorities pivot away from large-scale expansions toward essential, cost-justified security projects. At the same time, data breaches and cyberattacks don’t pause during economic slowdowns—if anything, they may escalate as bad actors exploit organizational vulnerabilities. This paradox means that while the market feels tough, demand for cyber security expertise remains robust. In this article, we’ll look at: Why economic uncertainty affects cyber security hiring trends. Strategies for staying competitive, even if the number of open roles shrinks. Methods to highlight your skills, adapt to shifting priorities, and network effectively. Approaches for preserving mental well-being during prolonged searches or uncertain feedback loops. How www.cybersecurityjobs.tech can help you find the ideal security-focused role. By proactively sharpening your skill set, tailoring your professional profile, and engaging with a focused community, you can secure a rewarding cyber security job—even when the broader market feels volatile.

🍪 We use cookies to enhance your browsing experience on our website. By continuing to use this site, you consent to the use of cookies as described in our Cookie Policy. You can review our Cookie Policy for more information.