Senior Technical Risk & Security Specialist

Clyde & Co
South East England
25 Jul 2017
15 Aug 2017

Clyde and Co is a rapidly expanding international law firm that operates complex matrix-based local and global organisational structures. The firm's IT function is transitioning from one based on a local/regional model to a globally integrated organisation and so the job holder's role will develop in conjunction with these changes.

The IT Department is responsible for the delivery of all aspects of the firm's Information Technology systems and services, including all phases of design, build, implementation and operations.

The job holder is responsible for ensuring that the information security arrangements are driven to further meet the needs of the region and its clients, are reliable, robust, and scalable, and that the service levels agreed with the local offices are met. This will be delivered in collaboration with other teams, their team members, local IT resource and third party vendors.

Main Responsibilities

For the offices for which the job holder is responsible they will work with the IT Security Manager and all other relevant internal and external resources available to them to ensure that information and technology security risks are identified, managed, and treated, in line with the firm's commercial, regulatory, and best practice requirements.

Specifically the job holder will:

Work with the IT Security Manager to devise and implement the IT risk assurance processes
Work with the IT Security Manager to support the development and implementation of the IT risk strategy.
Work with the IT Security Manager to support the successful alignment to client security requirements.
Support the successful implementation of IT risk & security monitoring systems and deliver into BAU operation.
Work with BAU and Risk teams to ensure that any training requirements are delivered to appropriate teams.
Support the third party supplier technology risk management programme.
Develop security reporting and metrics to management
Ensure that security policies and standards are developed taking into account current and future IT security and cyber risks.
Develop security requirements for the project lifecycle and be responsible for their implementation in all project-based work.


Experience in information security and risk management
Experience in driving change in security functions
Experience working with IT security guidelines and requirements outlined or as driven by regulatory bodies or standards
Holds at least one recognised security certification
Knowledge of emerging technologies

Candidate Specification

Experience of service delivery and ideally technical experience with a broad knowledge of the core Infrastructure and application technologies used by a law firm.

Able to demonstrate significant success in a similar service delivery role in a professional services environment, ideally, a law firm

Proven ability to:

Communicate effectively with audiences with various levels of technical understanding
Strong interpersonal skills to be able to communicate, influence, and negotiate with stakeholders at various levels in the hierarchy.
Organise and deliver vulnerability management and associated monitoring solutions and practices.
Ability to initiate own work priorities and manage work initiatives independently.
Excellent oral and written briefing skills with the ability to produce and present management progress and status reports.
Demonstrate ability to succeed within a complex stakeholder environment
Must be a critical thinker with strong problem-solving skills
High level of personal integrity as well as the ability to professionally handle confidential matters, and show an appropriate level of judgment and maturity
Should be able to contribute to the ISS leadership team on a broad range of subjects.
Proven customer and service delivery, problem, project and team management skills
Strong motivational skills and an ability to deliver to time, quality and budget
Business planning and budget management experience
A delivery focused team player that has a strong customer service ethic, leads by example, is committed, well-disciplined, self-motivated, pro-active, positive, flexible, reliable, open, honest, friendly and approachable.


Broad knowledge of core Infrastructure and applications with substantial relevant support (user and technical) and project management experience.
Analytical and logical approach to problem solving with the ability to operate in an unstructured and pressured environment and take decisions.
Service delivery and customer focused, with proven ability to develop and implement SLAs and deliver against these.
Strong people and vendor management skills ideally with experience of and involvement in bid management.


written and verbal communication skills with an ability to communicate with senior staff in non-technical terms
persuasion and influencing skills
customer service skills
analysis and judgment with an ability to cope with ambiguity

This is the job description as constituted at present; however the firm reserves the right to reasonably amend it in accordance with the changing needs of the business.