Slaughter and May
Information Security Assurance Specialist

How your CV stacks up
Upload your CV to see how well it fits this job role
?%
ROLE OVERVIEW //
Reporting to the Information Security Manager, the Information Security Assurance Specialist will play a pivotal role in strengthening the firm’s information security posture. It will identify where security assurance testing of the firm’s systems and processes is required, commission the required tests from relevant suppliers, and manage their findings through to resolution. It will also provide security assurance in relation to the IT project and change management lifecycles by identifying security requirements, reviewing project design documentation, and working with technical stakeholders to mitigate information security risks associated with technical change requests. The successful candidate will be proactive and motivated individual with the ability to quickly grasp technical concepts and effectively communicate information security risks to a range of stakeholders. A strong background in information security within professional or financial services is essential.
KEY RESPONSIBILITIES //
The key responsibilities of this role are set out below and there may be others which are not listed. You may be required on occasion to work outside our normal working hours of 9:30am to 5:30pm.
Reasons to use Rodeo
I’m in my final year doing Economics and I don’t know whether to apply for grad schemes now or do a masters first. What do you think?
Honest answer — it depends on where you want to end up. A lot of top grad schemes (Big 4, civil service, banking) don’t need a masters. Let’s look at the ones you’d be competitive for now, and we can decide if a masters actually adds anything.
Also worth knowing: most autumn 2026 applications are open now. Timing matters more than you think.
Start with a chat, not a search bar
Grad scheme, placement, apprenticeship? Not sure what you want yet — that's fine. Your agent talks it through with you and turns "I have no idea" into a shortlist.
Graduate Consultant — 2026 Scheme
Why you're a good match
StrongYour economics background and your summer at a regional bank line up with what PwC looks for on the consulting scheme. Applications close in four weeks.
See breakdownIt searches the market for you
Every day your agent scans the market matching roles against what actually matters to you, not just keywords on a CV.
Why you're a good match
You’ve got the grades and the economics background, and your bank internship is exactly the experience this scheme looks for. Apply soon — deadlines close within the month.
Experience fit
Your summer at the bank plus your econometrics coursework map directly to the day-one responsibilities on this scheme — client modelling, market briefings, and deal support.
Only hits
No noise. No "maybe this fits." Just roles with a clear explanation of why they're right — and where to focus when applying.
Plan, scope, commission and oversee a wide range of technical assurance testing, including: Penetration tests of IT project deliverables as they approach release to production. The baseline annual penetration test of the firm’s core systems and IT infrastructure. Other offensive security testing, such as physical penetration tests and social engineering exercises (e.g. vishing), to provide assurance in relation to non-technical security controls. Validate the findings arising from such tests with relevant subject matter experts, prioritise them based on risk, and manage them through to resolution (e.g. mitigation or risk acceptance). Work with the Technology department’s IT Architecture function to review design documentation for new (or significant changed) IT solutions, embedding security requirements from the outset. Identify and assess the information security risks associated with technical change requests and represent information security perspectives at Technical Change Advisory Board (T-CAB). Information Security Assurance Officer 2 Help drive continuous improvement and consistency in relation to security assurance, e.g. by: Helping to define what security testing the firm requires and when. Pre-empting and pre-defining typical information security requirements for projects. Assist in managing the firm’s information security management system (ISMS), including maintaining policies, producing management reports, and supporting compliance activities.


Get help with your application
Your very own career expert that helps elevate your application to the next level.
CANDIDATE PROFILE //
Candidates for this position must have:
Strong experience in an information security or technical cyber security role, ideally within a regulated environment or an organisation aligned to ISO 27001. Strong knowledge of ISO 27001 and Cyber Essentials Plus standards. A self-motivated, results-driven mindset with a strong sense of ownership and accountability. Excellent organisational skills, with the ability to prioritise effectively in a fast-paced environment. Intellectual curiosity and a commitment to continuous improvement, including researching new ideas and validating them through testing. Proven ability to collaborate effectively, build strong professional relationships, and communicate confidently with senior leadership.
We welcome applications irrespective of race, colour, ethnic or national origin, disability, sex, gender identity, sexual orientation, age, religion, belief or marital status.
“It took my CV and asked me questions relevant to understanding what kind of jobs to suggest for me. Suggestions were almost perfect. Jobs were exactly what I’ve been looking for.”
Jessica, London
Skills
Location