Information Security Auditor
London, United Kingdom
Freshfields Bruckhaus Deringer
The world’s biggest international organisations rely on us to help them make the right decisions in a fast-changing world. We combine the knowledge, experience and energy of the whole firm to solve our clients’ most complex challenges, wherever...Join Freshfields' Information Security Group (ISG) as an Information Security Auditor and play a key role in strengthening our information and cyber security operations during a period of significant technological change.
Key Responsibilities:
Perform security assessments for 150+ new and current suppliers annually.
Audit ISO controls across the firm’s core operations
Regularly update policies, processes, and risk mitigation measures
Ensure compliance with security standards like ISO27001 and NIST
Assess and address third-party security risks, providing recommendations for improvements
Who We're Looking For:
IT/Information Security Auditing experience, ideally in third-party risk management
Strong knowledge of ISO 27001, with relevant auditing qualifications (Lead/Internal Auditor, etc.)
Proven ability to collaborate across teams, influencing stakeholders and translating complex technical requirements
Motivated, proactive, and eager to learn and grow in the security space
Desirable Skills:
Certifications like CISM, CISSP, CISA.
Knowledge of Cloud services (SaaS, PaaS, IaaS).
Familiarity with global cyber security and privacy laws.
If you’re detail-oriented, organized, and excited to be a part of a forward-thinking team, apply now to make an impact!
Inclusion
Freshfields is an equal opportunities employer and all applications received by the firm will be considered by the firm on the basis of their merit alone and we welcome applications from all suitably qualified individuals regardless of background. All offers of employment will be conditional on the candidate having/securing the right to work in the UK and providing the firm with evidence of that right (as required by the Immigration, Asylum and Nationality Act 2006) prior to employment commencing.
Freshfields is a Ban the Box employer. We ask applicants to disclose criminal convictions only when a conditional job offer is made. A conviction does not automatically lead to withdrawal of the offer: we make decisions on a case by case basis and take a number of factors into account (eg the role you are applying for and the circumstances of the offence). You would have the opportunity to discuss the matter with us before we make a decision.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Audits CISA CISM CISSP Cloud Compliance IaaS ISO 27001 NIST PaaS Privacy Risk management SaaS Security assessment
More jobs like this
Explore more career opportunities
Find even more open roles below ordered by popularity of job title or skills/products/technologies used.