< Back to jobs

Job Title Information Security Assistant
Location Birmingham, Bristol or Leeds

Job Title: Information Security Assistant

Location: Bristol (however will consider candidates for our Birmingham or Leeds office)

Join a team that makes real changes

Bevan Brittan is a UK-Top 100 commercial law firm providing a comprehensive range of legal services from offices in Bristol, Birmingham, Leeds and London.

The firm advises businesses across construction, energy & resource management, higher education and financial services, complementing the firm's market leadership within housing, local government and health and social care.

We currently employ over 500 people, including 80 Partners, and our award-winning teams provide construction, commercial, corporate, property, regulatory, employment and litigation (commercial and clinical negligence) legal advice.

Bevan Brittan is named among 'The Times Best Law Firms 2022' and has recently either won or been shortlisted for a number of prestigious awards including 'Legal Firm of the Year' at the Bristol Life Awards 2021.

We are driven by our 4 values: Relationships, Results, Reputation and Responsible. These give us a sense of purpose and ensure we always work collaboratively with clients and colleagues, continually improve, make the right choices and act with integrity.

Bevan Brittan is an equal opportunities employer and welcomes applicants from all backgrounds.

Rise to the Challenge

The successful candidate will join Bevan Brittan's growing Risk & Best Practice (R&BP) team. Whilst the team is based in Bristol, suitable candidates based in the Birmingham or Leeds areas would also be considered. The team is responsible for operating, maintaining and monitoring the firm's Management System (ISO 9001, ISO 27001 and ISO 14001), ensuring firm-wide compliance with legal and regulatory requirements and promoting Best Practice within the firm and by third parties working with the firm.

Current R&BP team members include:

  • Director of Risk : A board member and head of the R&BP team, has overall responsibility for Best Practice, Information Security and Environmental Management at strategic level.
  • R&BP Solicitors: Provide a front-line risk and regulatory advice service to the firm, and the firm's management.
  • Information Security Manager (CISM) : Oversees the day-to-day operation and maintenance of the firm's Management System (ISO 9001, ISO 27001 and ISO 14001), plus the firm's Cyber Security and Business Continuity/Disaster Recovery (BC/DR) improvement programmes.
  • R&BP Assistants : Provide administrative support to the R&BP team, including the logging of information security and data protection incidents, and assisting the R&BP Solicitor and CISM with the management of the firm's internal and external audit programmes.
  • Due Diligence Officers : Support solicitors with the onboarding of new clients, including compliance with our obligations under the Money Laundering Regulations


As the firm's ISO management system continues to evolve, the Information Security Assistant will support the CISM and contribute to the team by carrying out the following key tasks:

Supporting the Information Security Manager (CISM):

  • Maintenance of the firm's ISO Management System, including preparing for our annual ISO audits, setting up interviews with audit participants, and dealing with invoicing and other administrative aspects associated with the audits, (including following up and closing out agreed audit actions)
  • Collating information for and completion of Information Security (InfoSec) and Cyber Security (CyberSec) questionnaires received from clients.
  • Rolling out InfoSec/CyberSec training across the firm and ensuring completion of outstanding training
  • Contributing to InfoSec//CyberSec related change projects, and handling day-to-day queries
  • Coordinating meetings of internal stakeholders to drive improvements in compliance in InfoSec and CyberSec policies, processes and procedures and address specific InfoSec/CyberSec issues.
  • Assisting with the testing of Business Continuity plans, and Business Impact Assessment (BIA) across the firm, with a view to the firm achieving ISO 22301 (business continuity) in due course.
  • Undertaking such other duties as may be required within the general scope of the role

General Risk & Best Practice Support

  • Providing additional support to the R&BP team.
  • Dealing with emails and calls relating to client queries and complaints.
  • Preparing and publishing intranet news items for the R&BP team.
  • Updating R&BP team policies and guidance on the Know How database, and updating relevant links on the intranet
  • Creation of new internal approval processes using HighQ Collaborate.


The successful candidate will have:

  • A careful, methodical approach with excellent attention to detail and strong personal organisation to ensure that issues are followed through and closed out.
  • The ability to prioritise work (and reprioritise where urgent issues arise), deliver to pace and to deadlines,
  • The ability to work independently and on their own initiative, being ambitious for improvement across the firm, but mindful of, & subject to the priorities set by the Director of Risk and the wider firm strategy.
  • Ability to develop and build upon strong relationships with key stakeholders within the firm
  • Excellent written and verbal communication skills.
  • The ability to identify improvements to working practices within the R&BP team so as to maximise efficiency.
  • Ability to take ownership of tasks and manage own workload to meet deadlines, identifying any risks to agreed deadlines and addressing these proactively.
  • Ability to deliver work of a high quality, whilst ensuring that time allocated to particular tasks is proportionate.
  • Proactive, self-motivated and flexible approach.
  • In dealings with external third parties, being an effective ambassador and advocate for the firm, its culture and values.

Whilst not a requirement, the following would also be an advantage:

  • Relevant experience of working in a business involved in the provision of legal services
  • Experience in ISO management systems and accreditations and/or Lexcel
  • Familiarity with Microsoft applications (Outlook, Word, Excel, PowerPoint, SharePoint Designer and Visio).
  • Good working understanding of IT systems (including document management systems such as FileSite/iManage, finance systems such as 3E, case management systems such as MatterSphere, online training systems such as VinciWorks, and cloud-based content-sharing sites such as HighQ Collaborate).
  • Awareness of the key principles of GDPR, Information Security and Quality Management

Work-life Balance

We offer a substantial benefits package to all employees, which includes 25 days holiday (plus the option to buy up to an additional 5 days), a generous pension scheme and private medical insurance through Vitality (including "phone a GP service", discounted gym membership and 'Vitality' Partner discounts).

All of our people are entitled to a biennial private health assessment through Nuffield Health and are included in the group life assurance scheme. We also have an Employee Assistance Programme (free telephone support and counselling service) and a cycle scheme (Save Tax & NI on a bike for cycling to work).

Where possible, we want to offer all Bevan Brittan people flexibility to work their week in a way that suits them - we operate a hybrid working model based on the needs of our clients, teams and that of the individual. Our core business hours are 9am - 5:15pm Monday to Friday, however we are open to individuals working more flexibly around those times and would welcome a conversation with you if you have any questions.

Responsible Business

To us, being a responsible business is second nature; a core part of Bevan Brittan's identity, running through our culture and embodied by the clients we serve.

Bevan Brittan seeks to play an active role within its local office communities. Through regular fundraising events, support for local initiatives and annual charity donations at Christmas, we have established a culture of giving within the firm. In December 2021 we donated a total of £60,000 to our four regional office charities, with each charity receiving £15,000 to help fund their vital services.

Our current selected charity in Bristol is Great Western Air Ambulance.

We want to demonstrate our commitment to these causes through actions rather than words; colleagues from across the firm are already heavily involved, living and breathing the four pillars of our Responsible Business strategy:

  • Community Engagement
  • Environmental Sustainability
  • Equality, Diversity & Inclusion
  • Wellbeing

Collectively, these four pillars ensure we look after our colleagues' wellbeing; offer an environment in which all can progress on merit, regardless of personal circumstances or background; give something back to the communities in which we work; and protect the environment.

Bevan Brittan is proudly a carbon neutral firm. We have achieved the UN's Climate Neutral Now accreditation and our environmental sustainability plan is focussed on achieving our net zero carbon target.

Each lawyer has the opportunity to undertake pro bono legal work for local charities and not-for-profit organisations. This has seen colleagues support the Great Western Air Ambulance Charity (Bristol), Moseley Road Swimming Baths (Birmingham), Yorkshire Cat Rescue (Leeds), Great Western Credit Union (London), and several others.