An excellent opportunity to join a leading global law firm as a Security Compliance Manager. This is a key role within the Information Technology and Security function, responsible for coordinating and managing external and internal security audits, client assessments and maintaining the firm’s ISO 27001 Information Security Management System (ISMS).

The position offers significant exposure across international offices and requires collaboration with senior stakeholders, clients, and external certification bodies.

Responsibilities

• Serve as the primary liaison for client and internal security and compliance audits
• Manage and maintain the firm’s ISO 27001 ISMS and related deliverables
• Coordinate internal and external security assessments and certification schedules
• Lead ISO 27001 audits and manage relationships with certification agencies
• Manage client security assessments and responses to security questionnaires and RFPs
• Collaborate with technical, risk and business teams to identify and remediate control gaps
• Maintain documentation and reporting to ensure compliance with regulatory standards
• Develop recommendations for control enhancements and process improvements
• Represent the firm’s security posture to clients and partners
• Occasional international travel may be required

Candidate Requirements

• ISO 27001 Lead Auditor certification and/or extensive experience with ISO 27001 standards
• 5+ years’ experience in IT or Security audits, assessments or compliance management
• Strong understanding of Cyber Essentials Plus, risk management, and security controls
• Sound technical understanding of systems, networks, and security architecture best practices
• Excellent written and verbal communication skills, with the ability to engage senior stakeholders
• High attention to detail, analytical capability and strong organisational skills
• Ability to work cross-functionally and influence internal and external stakeholders
• Familiarity with control design, vulnerability management, and third-party risk management

This is a fantastic opportunity to join a globally recognised firm at the forefront of professional services technology and cybersecurity. The role offers a blend of strategic oversight and hands-on delivery within a collaborative, international environment.

Hybrid working and attractive salary

Please attach an MS Word version of your CV. If you do not hear back within one week, please assume you have been unsuccessful. Unfortunately, due to the high volume of applications, individual feedback cannot be provided.

Keywords: ISO 27001 | Information Security | Compliance Manager | Cyber Security | Risk Management | Professional Services | Security Audit