Information Security Assistant 12-month FTC

We are recruiting an Information Security Assistant to join our IT department on a 12-month fixed-term contract.

What this means for you

Joining Macfarlanes means being part of a collaborative, approachable team who want you to succeed. You’ll be encouraged to get involved and recognised for your contribution.

We take your development seriously. Our learning and development programmes are second to none and are designed to help you strengthen your skills.

Above all, you’ll be part of a firm where we all work together as part of a cohesive and supportive team, value your efforts and help you to thrive.

Department overview

The Information Security team sits within the wider IT department and comprises three people: Head of Information Security (which this role reports into), Senior Information Security Analyst and Information Security Assistant.

The IT department is responsible for the delivery of all aspects of the firm's information technology systems and services, including all phases of design, build implementation and operations. The department comprises 42 employees, split into six teams: Service Delivery, End User Computing, Infrastructure, Applications & Development, PMO and Information Security.

The IT function has delivered a significant change programme in recent years and has embraced newer technologies to support the firm’s strategic goals and ambitions whilst retaining a service-focused culture. The job holder's role will likely develop over time in keeping with a programme of continual improvement.

The role

The Information Security Assistant assists with the day to day running of the firm’s information and cyber security controls. The Information Security team works closely with the CIO to provide guidance on technical architecture, information security standards and best practice.

Key duties and responsibilities:

assist in managing the firm’s security estate and help deliver the information security strategy; assist in the driving of information security best practices by creating awareness of policies, procedures, standards, and training in line with firm needs; assist with security projects and providing guidance on security matters for other IT projects; assist with information security related client audits and third-party supplier audits, analysing results from security questionnaires and audits, and publishing within the information security management system; assist in the identification of security incidents, reporting potential issues to the head of information security; contribute to the coordination of business continuity exercises, incident response plans, playbooks, and incident evidence gathering; provide basic triage and remediation to information security incidents, vulnerability scans, and patch management processes; work in collaboration with the wider IT team to ensure endpoints and systems are appropriately secured and hardened; assist in maintaining the information security risk register and assist with internal and external audits; assist in generating reports, metrics, and dashboards for both technical and non-technical stakeholders; help drive a security culture within the IT department and within the firm by being a champion for how good information security is as a business enabler rather than a blocker; and develop and maintain up-to-date knowledge by attending education opportunities such as conferences, seminars, maintaining personal networks and participating in professional organisations opportunities to provide subject matter expertise and understand threat intelligence, challenges, solutions, and innovations.

This job description encompasses the main duties of the role and is by no means exhaustive. It is anticipated that duties may vary from time to time according to the needs of the practice area.

During the first three months of employment, you may be required to attend the office four days per week to support onboarding, training and collaboration. Your line manager may adjust this requirement based on your progress and business needs.

The candidate

This is a junior information security role and, as such, we are more interested in aptitude, attitude and a desire to learn than specific qualifications. Depending on your career path to date, you will likely have most, but not all, of the following:

experience of working in a broad IT role, ideally in a professional services organisation; interest in information security and cyber security, perhaps having self-funded some initial security certifications, CompTIA Security+ for example; experience of working with Microsoft technologies within a corporate environment; ability to follow processes in a highly controlled environment; ability to collaborate, build relationships and influence people; ability to work efficiently and effectively under pressure in prioritising competing workloads; and good communication skills, with the ability to communicate information security concepts to non-technical.

Application screening

Any offer of employment with us is subject to our pre-employment checks which are conducted by a third-party screening provider. These may include but are not limited to your professional and academic qualifications, any criminal records and employment references. These checks will be initiated with your consent and your offer will be subject to the successful completion of these checks.

About Macfarlanes

Macfarlanes is a pre-eminent law firm that serves a global client base in private capital, private wealth, M&A and disputes. Personal connection, an entrepreneurial spirit and a commitment to excellence are at the heart of our firm. These values drive our ability to deliver exceptional outcomes for our clients.

We are big enough to undertake the most complex and demanding mandates yet small enough to know each other well and to be agile, adapting to the needs of our clients. We seek to strengthen the firm by recruiting talented people from all backgrounds who want to build long-lasting and impactful careers with us. Our culture is challenging and supportive, creating an environment where individuals can thrive.

Our commitment to inclusion

Inclusion is one of our key priorities and it is a goal we are actively working towards. We believe that an inclusive, forward-thinking culture is intrinsically important and enables us to provide innovative solutions to our clients.

We welcome applications from people of all backgrounds, bringing different perspectives and experiences, making Macfarlanes an exciting and stimulating place to work. We seek to recruit the best candidates, regardless of age, gender, race, ethnicity, social or economic background, religion, disability, sexual orientation or any other characteristic.

As part of this commitment, we will ask you certain diversity data questions. We would really appreciate you and/or your recruiter completing these questions when submitting an application to Macfarlanes as this data enables us to measure our progress and identify any actions needed to continue to support an inclusive culture. This data is anonymised to maintain the privacy of applicants. If you have any questions relating to how this data is used, please contact a member of the recruitment team.

Should you require any adjustments during the application and/or interview process, please do not hesitate to inform your recruiter or a member of the recruitment team. Please note, the job description is available in other accessible formats (for example, large print).

We are a Disability Confident Employer and will offer an interview to disabled applicants who best meet the essential criteria for the role. If you would like to apply through the Disability Confident Interview Scheme, please email the recruitment team at recruitment@macfarlanes.com.