Information Security Technical Risk Officer

Other

Job Reference

200000CU

Function

Other

Category

Business Professionals

Location

Leeds, United Kingdom

Schedule

Full-time

The role

Our commitment, your career.  We encourage you to reach your full potential. To explore the opportunities and choices that shape your individual career journey. Here, personal growth goes hand in hand with professional development in a supportive culture. No two careers - or two people - are the same at DLA Piper. You can be yourself in a diverse team where every voice is heard and your success is recognised.   DLA Piper, a leading global law firm, is looking for an experienced Information Security Technical Risk Officer, joining our best in class Information Security team located in Leeds, however supporting the firm internationally.   As a key member of the wider Information Security team, the Information Security Technical Risk Officer will work across all levels of the business, providing input in day to day activities as well as engaging with technical leadership and senior business management.  MAIN DUTIES AND RESPONSIBILITIES   The main objectives of this role are to:
  • Lead Security risk assessments within projects, supplier engagements and IT change
  • Share risk mitigation options, ensuring security risks are managed in line with the firms risk policies
  • Review supplier questionnaires, identifying and managing potential risks
  • Work with Suppliers to agree remediation plans and track remediation activities
  • Communicate the security impact of technology risks, the approach to risk mitigation and risk acceptance across all levels of the business
  • Provide risk advisory services to technology and business groups
  • Work with stakeholders, both technical and non-technical to enable a pragmatic approach to applying security best practice
  • Provide Security and Technical expertise during Information Security audits
ABOUT YOU
  • Experience in 3rd party supplier assurance and risk management (5+ years)
  • Experience in technical risk management (5+ years)
  • Experience in cloud security and risk, ideally arising from experience supporting cloud transformation and migration initiatives
  • Experience leading technical controls assurance testing
  • Experience to be complimented by certifications e.g. CRISC, CISSP, ISO27001 Lead Auditor, Data Privacy (e.g. CIPT) etc.
  • Must have experience working within a highly regulated environment
  • Experience educating colleagues in security supplier assurance and security risk
  • Experience of Business Continuity Risk identification
The following characteristics are essential:
  • Highly motivated, proactive and able to work on own initiative
  • Excellent communication and collaboration skills
  • Ability to adapt to a fast-moving landscape
  • Actively keeps up to date with emerging threats and risk trends
  • Ability to deliver in a global organisation with different cultural challenges
  • The ability to effectively manage multiple tasks/projects
  • Organised and self-motivated
  • Genuine passion for Information Security Risk and Assurance
  • Desire to develop (themselves and their colleagues)
ABOUT US  DLA Piper is a global law firm with lawyers located in more than 40 countries throughout the Americas, Europe, the Middle East, Africa and Asia Pacific. Our global reach ensures that we can help businesses with their legal needs anywhere in the world. We strive to be the leading global business law firm by delivering quality, service excellence and value to our clients and offering practical and innovative legal solutions to help them succeed. Our clients range from multinational, Global 1000, and Fortune 500 enterprises to emerging companies developing industry-leading technologies, as well as government and public sector bodies.  OUR VALUES  In everything we do connected with our People, our Clients and our Communities, we live by these values:
  • Be Supportive - we care about others, value diversity and act thoughtfully
  • Be Collaborative - we give, we share and we join in
  • Be Bold - we stand tall and challenge ourselves to think big
  • Be Exceptional - we exceed standards and expectations
DIVERSITY AND INCLUSION  At DLA Piper we are working hard to ensure that our talent pool is diverse. For us, diversity isn't just about visible differences, it's the unique blend of talents, skills, experiences and perspectives that makes each of us an individual.  We know it's crucial to have a culture and environment where those differences are genuinely valued and that's why we strive to be a business where everyone can thrive, develop and succeed based on their talent. Our aim is to build an inclusive and supportive culture where all our people feel they belong and can achieve their best.  We support anyone with a disability or long term health condition to ensure they have the opportunity to perform at their best.   If you have not done so already, please let us know if you require any support so we can make the right adjustments and considerations, should they be required.   AGILE WORKING   We recognise that people have responsibilities and interests outside of their career and that as a business, we all benefit from working flexibly. That's why we are open to discussing with candidates the different ways in which we are able to support requests for agile working arrangements.   PRE-ENGAGEMENT SCREENING   In the event that we make an offer to you, and where local legislation permits, we will conduct pre-engagement screening checks that may include but are not limited to your professional and academic qualifications, your eligibility to work in the relevant jurisdiction, any criminal records, your financial stability and references from previous employers.