Information & Cyber Security Engineer

Key Responsibilities

• The role will support the delivery of robust information security and privacy policies, processes, and practices into business operations.
• Providing advice and guidance on security policy compliance to manage identified risks and ensure adoption and adherence to standards.
• Supporting the response to discovered vulnerability information and conducting security risk assessments, business impact analysis and reporting of our information systems.
• Sustain the Firm’s Security Incident Response plans including exercising and training.
• Review and complete client cyber due diligence questionnaires in a timely manner. Liaise with the client to close off any remedial actions.
• You will provide additional resource to close the gap on audit findings (raised by both client and ISO audits), improve maturity across security controls and deliver the security target operating model.
• Conduct regular vulnerability scans and produce actionable reports
• Support patch deployment and software approval audits

Skills Required

• Experience of both GRC & Cyber security within a law firm or professional services firm.
• Skills - Azure, Security Audits, ZTN's, SIEM, Rapid7, Abnormal, MS Defender, CrowdStrike
• Experience helping a firm with ISO27001 and Cyber Essentials certifications.