As the Information Security and Data Protection Officer, you will be working with the Head of Risk and Compliance and the:
IT Security Officer to monitor and maintain our ISO 27001 Information Security Management System;
Data Protection Officer to monitor and maintain GDPR compliance across the business
What you’ll be doing as the Information Security and Data Protection Officer:
Information Security Management
In this role you will be responsible for ensuring compliance with the ISO framework.
Management of ISO 27001 documentation.
Maintenance and continual improvement of ISO 27001 performance and controls
Management and alignment to regulatory compliance. Update controls and documents as appropriate.
Assisting with the planning and conduct of internal and external audits.
Management of the corrective action plan from external and internal audits. Manage action owners and implementation of guidance
Management of the information security Risk Register, including managing action owners and the closure of risks
Management of operational and centralised risk register and localised departmental risk management.
Assist with the transition from current ISO 27001 to the new iteration
You will also play a vital role within the Risk and Compliance team to ensure the firm adheres to GDPR legislation. You will be experienced in this field and identify ways to improve efficiencies and ensure all operations are GDPR compliant.
Assisting the Data Protection Officer with drafting new, and amending existing, data protection policies, guidelines and processes
Deliver training across all the business areas; appropriately tailored to the requirements of each specific business function
Conduct/Comply with internal audits as required
Managing and preparing responses to SARs received by the firm
What we are looking for:
Good working knowledge of GDPR legislation and the ISO 27001 framework
Experience working within a law firm or other regulated business
A good understanding of the IT implications of GDPR
Have excellent interpersonal communication skills and the ability to deliver training sessions with your colleagues
Be able to evidence writing accessible policies and procedures
Why join Walker Morris:
When you’re looking for a job, we know it’s about more than just the role. That’s why we provide the support you need to develop and grow your career. We’ve hybrid and flexible working, so you can make work and life work together for you. Walker Morris is a top 100 commercial law firm where you don’t have to fit a mould, so you can bring your full self to work and our commitment to a meaningful work-life balance means you can take your full self home again too!
We’ve recently launched the new Walker Morris brand, which brings to life what it’s really like to work with and within the firm. What it really comes back to is our purpose, to forge your own path. It means we’re 70% corporate professional law firm but with 30% individual expression – meaning we’re personal, modern and have a drive for innovation.
What we offer:
Flexible working – we understand work-life balance is important, we are open to discussing your hybrid working preferences
Annual Leave – minimum of 25 days per year, increasing to 31 days with length of service. Also – buy/sell holidays up to 5 days per year
Bonus Scheme – our annual bonus scheme recognises outstanding contributions to the firm and our ambitions. All colleagues are eligible subject to meeting the criteria of the scheme.
Pension – saving for retirement? Let us do the hard work for you. We auto-enrol all eligible colleagues into a workplace pension and we contribute a minimum of 5% of annual salary
Life Assurance – 4x your annual salary in the event of a death in service
At Walker Morris we are working to be an inclusive employer, and we encourage people from all backgrounds, ways of thinking and working to apply. We particularly welcome applications from Disabled, Black, Asian and Minority Ethnic as well as LGBTQ+ and non-binary candidates. Each individual brings their own unique capabilities, experiences and characteristics to their work, so you don’t have to meet all the requirements listed to apply for this role.