Newcastle Upon Tyne, Tyne And Wear
Norton Rose Fulbright Llp
Practice Group / Department:
IT Security
Job Description
We’re Norton Rose Fulbright – a global law firm with over 50 offices and 7,000 employees worldwide. We provide the world’s preeminent corporations and financial institutions with a full business law service. As well as the relevant skills and experience, we’re looking for people who are innovative, commercial and value the work that they do. To attract the best people, we strive to create a diverse and inclusive environment where everyone can bring their whole selves to work, have a sense of belonging, and realize their full career potential. We value difference and actively promote a culture of respect for each individual, encouraging and creating inclusion. Our new hybrid working model allows our people to have more flexibility in the way they choose to work from both the office and a remote location, while continuing to deliver the highest standards of service. We offer a range of family friendly and inclusive employment policies and provide access to programmes and services aimed at nurturing our people’s health and overall wellbeing.
The Team
The Information Security team report to the Global Chief Information Security Officer (CISO). The team work with unified principles and processes around the world while maintaining regional stakeholder relationships. High standards are achieved by the adherence to international best practice principles (ISO 27001) and continual improvement methodologies.
The scope of the Information Security function includes all strategic security planning and control oversight to ensure effective risk mitigation takes place within the firm. In many cases, the operational running of security controls is the responsibility of IT Service Delivery teams or departments such as HR, Facilities, Procurement, General Counsel etc., The Information Security team remains responsible for ensuring the effectiveness of the overall control framework and ensuring that any related risks are identified / incidents managed.
The Role
The Technical Information Security Governance & Compliance Analyst takes responsibility for all technical control responses supporting the client bids/audits and supplier assessment process. The role is a key part of supplying assurance to our clients on the technical security measures we have in place for the protection of client data. Providing project support for other security functional areas may also be required on an ad hoc basis.
The success of this role is dependent upon building a lasting alignment between client requirements and NRF’s information security provisions and business requirements. It is also incumbent upon this role to take a continual development mind-set to ensure their product knowledge represents the latest in control requirements and evidence enabling timely responses to our clients. In particular, the role must take into consideration:
Key responsibilities
Skills and Experience Required
Personal Attributes:
Keen sense of responsibility, ability to set a professional example and desire to adhere to defined security practices.Integrity and professionalism, with a consistent and uncompromising adherence to best practice.Strong stakeholder management skills, including the ability to communicate complex Information Security concepts in business language.Passionate and driven to exceed expectations and to deliver with integrity.Strong security understanding.Self-motivated and able to work calmly and methodically under pressure.Excellent interpersonal skills, exceptional levels of personal integrity and the ability to communicate clearly at all levels through reports, presentations and forming effective matrixed relationships.Flexible approach to incorporate changing priorities.Co-operative and established team worker.Good judgement when it comes to confidentiality and sensitivity of information