Data & Information Security Analyst
18-Month Fixed-Term Contract
Birmingham or Leeds
Our established legal client are seeking an experienced Data & Information Security Analyst to join its Compliance & IT function on an 18-month fixed-term basis.
This role plays a critical part in safeguarding the firm’s data and digital assets. Working across IT and Compliance you will monitor and respond to security incidents, maintain security accreditations (including ISO 27001 and Cyber Essentials), and support continuous improvement of the firm’s information security framework.
You will work closely with internal teams and liaise with third-party suppliers to ensure robust, compliant, and effective security controls are in place.
Key Responsibilities.
- Monitor networks and systems for suspicious activity and security breaches
- Investigate, escalate, and respond to security incidents promptly
- Document incidents, analysis, and remediation actions
- Conduct regular vulnerability assessments
- Perform monthly endpoint application security checks to support accreditation compliance
- Arrange independent penetration testing (physical and black box)
- Support data gathering for Data Subject Access Requests (DSARs)
- Ensure policies, procedures, and controls are regularly reviewed and effective
- Conduct audits in line with ISO 27001 accreditation requirements
Skills & Experience
- Strong working knowledge of ISO 27001:2022
- Previous experience within the legal sector
- Relevant professional certifications (e.g. CISSP, CISM, CompTIA Security+)
- Strong understanding of security frameworks and standards (NIST, UK GDPR, Cyber Essentials / Cyber Essentials Plus)
- Experience with security tools such as XDR, EDR, and SIEM
