< Back to Jobs

Job Title Chief Information Security Officer
Department IT
Role Business Services
Job Location Bristol

The role:

The Chief Information Security Officer is a senior role within the CIO portfolio which services the entire Firm. The role holder will provide a clear vision and direction for information and Cyber Security operations. They will promote continuous improvement, innovation, and agility in service delivery, whilst working in consultation and collaboration with colleagues across the Firm.

As the CISO, you will be responsible for overseeing a range of technical and process security controls and leading a programme of continuous improvement in response to changing security threats and risk.

The role requires a thorough understanding of the technology underpinning the Firm's IT systems, as well as a broad, up-to-date knowledge of information security frameworks, pertinent regulation and legislation, vulnerability management, incident management and response, secure development techniques and approaches, Cyber Security engineering and operations, and management and governance of Cyber risk and Cyber Security.

Having performed a similar role in a large, distributed organisation, you will have a strong information and Cyber Security background along with formal qualifications. You will have established and led a large, progressive information security function, developing innovative, future focused information and Cyber Security capability in support of business objectives. You will be a strategic and lateral thinker with exceptional leadership credentials and a sophisticated approach to stakeholder and supplier management.

This is a fantastic opportunity to join a leading global law firm in a pivotal and highly visible leadership role which will require high levels of personal energy and commitment.

What will you do:

Information and Cyber Security Strategic Direction
• Define, develop, and maintain a business-aligned Information and Cyber Security strategy and operating model
• Own, define, and embed an Information Security Policy Framework across the Firm that addresses the needs of the Firm, its partners & staff and other external stakeholders in line with relevant legislation and industry standards

Leadership and People Management
• Develop and lead an effective, high-performance Information Security team retaining and attracting key talent to ensure continuous improvement in staff competencies, skills and knowledge
• Establish and maintain clear and measurable Information and Cyber Security strategic plans, budgets and targets, and robust and fit-for-purpose operational procedures and deliver measurable service improvements and ensure that all elements of the service represent the best value for money

Information and Cyber Security Management
• Provide senior leadership and oversight of effective information and Cyber Security risk management, integrated with the Firm's risk management framework
• Ensure that information and Cyber Security risks to the Firm presented through suppliers and delivery partners are identified and managed appropriately

What we are looking for:

• Substantial experience in senior management in a complex IT organisation encompassing service delivery, application development and IT infrastructure
• A track record in the management and delivery of transformational security improvements across an organisation
• Proven experience at engaging, influencing and managing stakeholders across departmental and organisational boundaries up to and including Board level
• A track record in directing and managing innovative change and continuous improvement, ensuring excellent organisational performance and outcomes across a complex portfolio of responsibilities
• Proven experience at managing complex budgets and resources with a track record of identifying and securing approval for business cases at enterprise level for organisational investment in information and cyber security
• Experienced in leading, developing and motivating a team of subject matter experts
• An excellent understanding of best practice within Information Security and risk management including standards such as ISO/IEC 27001, Cyber Essentials and CObIT

An appropriate degree, equivalent qualification or experience. One or more of the following qualifications are highly desirable:
• Certified Information Security Manager (CISM)
• Certified Information Systems Security Professional (CISSP)
• Certified Information systems Auditor (CISA)
• MSc Information Security
• Achieved Senior or Lead level certification in the NCSC's Certified Cyber Professional scheme in one or more of Security and Information Risk Advisor (SIRA), IA Architect,
• IA Auditor, IT Security Officer
• Full membership of the Institute of Information Security Professionals
• Prince 2/PMP

Here at Simmons & Simmons:

We believe our people define us. Our working environment is genuinely collegiate with a supportive atmosphere and team ethos - we have a reputation for being a friendly culture which we are very proud of. An inclusive and diverse culture, our innovative approach and being truly international are just a few more things that make us, us.

• Competitive Offer Package including bonus's dependant on role/level, private medical insurance & pension contribution to name a few.
• Dress 'for your day' Code.
• Hybrid working approach of 2 days a week required in the office with flexibility dependant on role/team/client demands.
• A wide range of international offices including: Hong Kong; Dubai; Tokyo; Dublin; Milan; Bristol; Madrid; Singapore.
• All offices have their own artwork collections - with a Damien Hurst and a Tracey Emin in the London office. We have a long standing history in supporting the art community especially up and coming artists.
• The creation of Simmons & Simmons Solutions - bringing together the best legal advice from our established legal teams with non-traditional capabilities that enhance, expand and differentiate the Simmons offering.
• We were ranked as a Times Top 50 Employer for Women and Top 30 Employer for Working Families in 2020.
• We have Social and Sport Committees contributing to Xmas & Summer parties, end of month drinks and various sporting events.
• We also have a range of Diversity Network Groups including LGBT+, Emerge (Race & Ethnicity) and The Number One Club (Women's network) who have organised various talks and events firmwide.

If you are interested in finding out more about this position then please contact the Recruitment Team with any questions. To apply for the role please click on the link at the bottom of the page/visit the career pages on our website, where there is also a detailed job description.

Additional Documents
Attachment Uploaded by Firm User