Information Security Assurance & Cyber Specialist

Harneys is an international law firm known for its entrepreneurial thinking. Experts in British Virgin Islands, Cayman Islands, Cyprus, Luxembourg, Bermuda, Anguilla, and Jersey law, our service is built around professionalism, personal service, and rapid response.

Our expertise covers all major transactional, contentious, and private client disciplines. With a global presence spanning 10 offices in key financial centres across the Americas, Asia, the Caribbean, and Europe, we provide the highest-quality services to clients in their own languages and time zones.

About the role

In the role as the Information Security Assurance & Cyber Specialist at Harneys, you will be based in our dynamic London office, playing a pivotal role within our Security team. Your primary responsibility will be ensuring our firm adheres to governance and assurance obligations, such as ISO 27001:22, Due Diligence Requests, and SOC II compliance. Additionally, you will collaborate closely with the Information Security Technology Manager to safeguard the firm using the latest and most advanced security tools.

This multifaceted role combines security governance and assurance with hands-on technical skills, utilising state-of-the-art security products to proactively protect the firm and its valuable assets. Your organisational skills and responsiveness will be crucial, as you will need to maintain a keen eye for detail and adapt to a flexible work schedule with shifting priorities. A positive, can-do attitude is essential as you tackle various tasks with enthusiasm and diligence.

Furthermore, your ability to work efficiently across different time zones and interact seamlessly with colleagues and clients from diverse cultural backgrounds will be a significant advantage. Demonstrating integrity, sound judgment, and the capability to think on your feet, you will seek clarification whenever necessary to ensure the highest standards of performance. Your role is integral to maintaining the security and integrity of our firm, and we are confident that your skills and dedication will make a substantial impact.

Responsibilities

• Support and lead the implementation of information security policies, procedures, and standards ensuring alignment with, corporate policy, industry best practices and regulatory requirements (e.g., SOC 2, ISO 27001, NIST 800-53, GDPR, etc.)
• Manage customer information security due diligence requests in connection with Harney’s supply chain commitments
• Collaborate with internal stakeholders across various departments to implement security controls and raise awareness of security best practices
• Monitor and maintain security documentation, including Harney’s specific policies, procedures, and risk assessments.
• Leading and planning implementation of ISO 27001:2022 audits and subsequent remedial audit work
• Assist the Information Security Technology Manager with the day to day running of the Harney’s security software stack (DarkTrace, Sentinel One & Microsoft Defender etc)

Requirements

• Highly experienced in information security governance, risk management, and compliance.
• Demonstrated experience with developing and implementing information security policies, procedures, and standards.
• Experience with SOC 2, ISO 27001, NIST 800-53 and GDPR compliance frameworks is highly preferred.
• CISSP/CISM certification.
• ISO 27001 Lead Implementor Qualification or equivalent experience
• Strong understanding of security risk management principles and methodologies.
• Excellent communication, collaboration, and interpersonal skills.
• Ability to work independently and as part of a team.
• Proficient in Microsoft Security Stack.
• Experience with security awareness and training programs.
• Experience with GRC (Governance, Risk, and Compliance) tools.

Disclaimer

All personal information shared as part of the application process will be used for recruitment-related purposes only. You can read more about this in our Job Applicant Privacy Statement

Harneys is strictly an equal opportunities employer and we recognise the benefits of diversity. For more information, please visit Harneys.com/careers

You can learn more about our culture and values on our corporate website.