InfoSec Analyst - London/Hybrid - £45,000-£55,000

We’re pleased to be working with a highly regarded law firm that’s investing in its internal information security function to meet growing client expectations and regulatory obligations. They’re looking to bring on anInformation Security Analystto lead ISO 27001 compliance, oversee supplier due diligence, and promote a secure-by-design approach throughout the firm. This position includes a£45,000 – £55,000 salary, strong UK benefits, and a hybrid working model.

What you’ll be doing:

Maintain and improve the ISMS and associated security documentation
Support ISO 27001:2022 compliance and help expand scope internationally
Deliver risk assessments, audits, and compliance checks across departments
Run internal security training and awareness campaigns
Investigate security incidents and support response and remediation efforts
Handle supplier due diligence and respond to client security queries

What we’re looking for:

Experience in information security or a related compliance role
Working knowledge of ISO 27001, NIST, Cyber Essentials or similar frameworks
Strong communicator and collaborator across teams and geographies
Certifications like CISSP, CISMP, or Lead Auditor (preferred but not essential)
Familiarity with Microsoft 365 and cloud security, especially Azure

Locke & McCloud is the leading specialist in cyber security and information security talent.With an exclusive focus on the cyber security and information security space, we’ve built deep, long-standing relationships with cutting-edge cyber security consultancies and forward-thinking end-users. We're currently building a platform designed specifically for the cyber security industry – giving professionals like you access to more targeted information security and cyber security opportunities than ever before. If you're exploring your next move in the cyber security or information security market, we’d love to hear from you.