Information Security Officer

Job Title Information Security Officer
Sector Cyber Security
Location Bristol
Type Permanent
Salary Confidential

Information Security Officer

My client, a legal services provider based in Bristol are actively looking for a permanent Information Security Officer to join their existing team. This is an exciting time to join them as they look to continue to develop this capability. This role will require you to lead a team and function.

The role

  • Continue the enhancement and implementation of information security and data processing policies and standards across the firm and in particular, auditing and maintaining our ISO27001 processes and accreditation.
  • lead the information security team
  • lead the firm wide information security forum
  • lead on client information security audits
  • act as a point of reference on best practice in relation to IT governance, controls and practices across the firm
  • offer training on aspects of information security policy, as required.


  • Proven experience of implementing an information security management system (ISMS) and maintaining certification standards;
  • Experience in undertaking internal and third party audits covering IT governance and information security controls;
  • Solid understanding of IT and experience in developing IT governance, controls and best practices in the form of the IT infrastructure library (ITIL) and IT service management certification (BS ISO/IEC 20000).
  • Proven ability to assess information systems processes, IT services and associated systems threats, vulnerabilities and risks.
  • Proven ability to write easy to understand reports and deliver presentations on information risk management, systems process control and audit reports.
  • Proven ability to author and revise information security policies and procedures.
  • Proven ability to work and communicate effectively and fluently with managers and staff, including the ability to explain complex technical issues in terms that non-technical managers and staff will understand.
  • An understanding of a business continuity role and/or policies processes and plans.
  • Auditing IT suppliers as to their own IT security and controls.

Apply for this position: