We are seeking a dedicated and experienced Information Security and Risk Manager to oversee our organisation's information security strategy and risk management processes. This role is crucial in protecting our data and ensuring compliance with relevant regulations.
If you are passionate about safeguarding information and managing risks in a dynamic environment, we’d love to hear from you!
What will you be doing?
You will assess, approve and advise on all Information Security matters throughout the HF group. This will include the assessment of all new projects, including any mergers and acquisitions as required. You will also ensure the continued assessment of the existing architecture so that HF is compliant with both legal regulations and client SLAs.
The role involves working as part of the Information Security Team, but also includes carrying out activities within the wider Risk and Compliance function as instructed by the Head of Information Security.
Additional duties include:
* Act as the main point of contact for all risk assessment and remediation within CIO and be an ambassador for Risk Management throughout the business.
* Accountable for the maintenance of the IT Operations Risk Register and chair the IT Operations Risk Committee and Management Review Committee (ISMS and AI).
* Embed Information Security and GDPR within the business processes. This includes the addition of functional / non-functional requirements and input to applicable project management documentation (i.e., DPIA, Risk Assessments).
* Supervise the definition of the annual internal audit schedule and scoping in conjunction with the Risk & Compliance function.
* Work closely with the CIO Architecture, Infrastructure and Development teams advising on Security strategies and controls to reduce the security Threat Landscape.
* Responsible for the relationship between HF and the 3rd party security MTDR (Managed Threat Detection and Response) service.
* Manage the relationship with the other Information Security 3rd party services, ensuring appropriate controls are in place to mitigate security risk to HF.
* As part of the day-to-day activities, investigate Service Desk tickets, resolving Priority 3 and 4 alerts and raising any outstanding tickets (including all Priority 1 and 2) to the Head of Information Security.
* As instructed by the Head of Information Security, investigate specified security toolsets, providing a report on any enhancements that can be made to improve the service.
* Accountable for Information Security Awareness for the organisation, planning and running Phishing Campaigns and awareness training with HF’s 3rd party suppliers.
* Accountable for ensuring that all Infrastructure and Application penetration testing is completed as required, owning and managing any remediation.
* Prepare and produce the monthly Board reports and IT Town Hall presentation slides for Information Security, presenting these slides at the appropriate meetings.
* Assist with client due diligence questionnaires and audits as required by Risk and Compliance.
What do I need?
* An appropriate certification in Information Security (CISSP, CISM etc).
* An excellent knowledge level of Information Security, Risk and Compliance and Privacy regulations including experience in GDPR (UK).
* Minimum 5 years working in Information Security or Risk and Compliance.
* Experience of Level 1 and 2 information security audit processes and understanding of Level 3 information security audit processes, supporting the Head of Information Security and Head of Risk and Compliance.
* Thorough understanding and direct experience of security standards. This role will be responsible for ensuring the company's compliance with ISO27001 and ISO9001.
* Outstanding client relationship management ability, with excellent oral and written communication skills.
* A team player with a positive 'can do' attitude, a willingness to learn and take on responsibilities and an attitude that embraces change.
What’s in it for you?
We are not your stereotypical law firm. We’re always looking to recognise and reward our people for the work they do.
We know that you’ll have commitments outside of work, which is why we offer flexible start and finish times. Here are just a few of the benefits you’ll have access to, as part of our team:
* 25 days’ annual leave (in addition to public holidays), increasing to 30 days with service.
* Holiday Buy Scheme (buy up to 5 extra days holiday).
* Life insurance and Income Protection.
* Partner Life Insurance*
* Private Medical Insurance*
* Employee Assistance Programme & Digital GP service.
* Company Pension Scheme.
* Electric Car Salary Sacrifice Scheme*
* Enhanced Maternity, Paternity & Adoption Leave*
* Flexible & Hybrid working options*
* Discounted Gym Membership.
* Technology Vouchers & Discounts.
* Cycle to Work Scheme.
* Travel Insurance.
* Flu Vouchers & Eyecare Vouchers.
* HF Discount Hub.
* Season Ticket Loans.
*subject to eligibility.
About the company
HF is one of the UK’s leading providers of legal and handling services to the general insurance sector. Established in 1969, the firm currently provides legal services to 12 of the UK’s 20 largest motor insurers in specialist areas such as counter fraud, large & complex injury, motor and casualty services, recoveries, costs and credit hire. HF has recently expanded into the provision of commercial legal services and litigation, providing solutions to a wide range of corporate and SME clients.
Ranking 5th Best Law firm to work for in relation to pay, work/life balance, career development, management, culture, and office, HF provides you with an environment where you can be yourself and thrive!
Sounds great! What next?
If you are ready to apply, the button is below. If you don’t have an updated CV or just want a bit more information about the role first, please contact recruitment@h-f.co.uk.
If HF feels like a place where you can belong, we'd love to learn more about you. Once you've submitted an application the next steps of the process, if successful, are likely to include a virtual interview and/or in-person interview in our office.
As an equal opportunities employer, we're passionate about inclusive hiring approaches. When you apply, you'll be asked about any adjustments you might need to support the recruitment process. Let us know, and we'll do our best to support you.