Junior Information Security Analyst / Junior InfoSec Compliance Analyst - Governance, Risk & Compliance (GRC), Supplier Assurance (InfoSec), 3rd Party Risk Management, Supplier Due Diligence, Client Liaison, Process Implementation, Incident Analysis and Reporting. CISM, CISSP, CySA+, CASP+ etc; ISO 27001, NIST, Cyber Essentials Plus. 12 Month FTC. London / Remote (Hybrid 3 Days Per Week In Office). £35k - £45k +Benefits
Prestigious Global Law Firm seeks Junior Information Security Analyst / Junior InfoSec Compliance Analyst to work alongside more senior members of the team responsible for supplier assurance as well as broader incident analysis and reporting across internal divisions.
The successful Junior Information Security Analyst / Junior InfoSec Compliance Analyst will conduct due diligence processes in relation to InfoSec compliance with regulatory authority requirements for all suppliers, assessing responses to RFI and advising on amendments to suppliers' security and infosec configurations and provision. You will liaise with internal procurement and other business teams and provide guidance where necessary to suppliers themselves to ensure a high standard of supplier compliance with the firm's wider obligations.
Secondly; you will act as one of the points of contact for clients who require information from the firm in terms of its compliance stance throughout its own supply chain, completing client questionnaires and providing analysis as required. This will again require both internal stakeholder liaison along with client facing engagement where you will provide a reliable service to new, prospective and existing clients relaying the appropriate information with an understanding of the requirements implemented to ensure compliance and the technologies deployed to ensure a high level of security across the piece.
Finally, you will be responsible for assisting with the running of the firm's Information Security Management System by driving forward corrective actions from audits, documenting lessons identified from incidents and near
misses and producing management reporting. You will streamline processes by using generative AI tools
to help suggest/automate the firm's responses and by leveraging the GRC platform employed within the department. You will work closely with, and report to, the Information Security Manager and Head of Information Security to
help manage, maintain and improve the firm's information security risk position.
This is a Junior-level Information Security Officer / InfoSec Compliance Analyst role which will require an individual to both work under their own initiative. You will evaluate compliance with key security policies and ISO requirements, document variations for remediation and generate actionable metrics for leadership review. Follow this the successful candidate will identify and support creation of policies and procedures to improve compliance processes. The role is suitable for a recent graduate (BSC or MSc, preferably focussed on Cyber Security) with around 1-2 years commercial experience which may have been gained as an internship or placement.
We are searching for a Junior / Entry Level Information Security Officer / Information Security Analyst / Supplier Assurance Analyst / InfoSec Officer / IT Auditor / CyberSec Compliance Analyst who can bring an understanding of both procedural security knowledge, security procedures and controls within best practice frameworks with specific focus on 3rd party risk management, the supply chain and supplier compliance. You will possess an analytical mind and approach and be able to conduct risk assessments and analysis and implement corrective actions through a basic but solid technical understanding of a variety of technical and CyberSec environments and configurations. You will be able to apply your theoretical knowledge within a commercial environment. Excellent organisation and communication skills are pre-requisite. MSc Degree level education preferable but non-essential.
Excellent opportunity to join a well renowned, international Law Firm during a time of exciting growth and corporate development. 12 month FTC with potential for extension / permanent engagement.