Information Security Assistant

Bevan Brittan is a leadingcommercial law firm. Alongside our recognised expertise in housing,local government, and health and social care, we are specialists inthe construction, energy and resource management, higher educationand financial services sectors.

Supported by our valued businessservices professionals, our award-winning and growing legal teamsprovide almost 2,000 organisations with commercial, corporate,property, finance, regulatory, employment and litigation (commercialand clinical negligence) legal and advisory services.

As a responsible business, weembrace four values: Relationships, Reputation, Responsible andResults. These give us a sense of purpose. They influence thedecisions we make and how we work with each other. Importantly, theymotivate us to deliver meaningful outcomes for our clients and thecommunities that we're part of.

Consistently recognised as one ofThe Times Best Law Firms and highly ranked across the legaldirectories, we are proud of our hard-earned reputation. Our 2023/24financial results confirmed both revenue and profit growth for aneleventh consecutive year, ensuring our ability to continueinvesting in our people.

Looking to the future, we'retargeting ambitious growth and success. And we're looking for thebest people to be part of it.

The successful candidate will joinBevan Brittan's growing Risk & Best Practice (R&BP) team.While the team is based in Bristol, suitable candidates based inthe Birmingham or Leeds areas would also be considered. The team isresponsible for operating, maintaining and monitoring the firm'sManagement System (ISO 9001, ISO 27001, ISO 22301 and ISO 14001),ensuring firm-wide compliance with legal and regulatory requirementsand promoting Best Practice within the firm and by third partiesworking with the firm.

Current R&BP team members include:

• Director of Risk : A board member and head of theR&BP team, has overall responsibility for Best Practice,Information Security and Environmental Management at strategic level.
• R&BP Solicitors: Provide a front-line risk and regulatoryadvice service to the firm, and the firm's management.
• Information Security Manager (CISM) : Oversees the day-to-dayoperation and maintenance of the firm's Management System (ISO9001, ISO 27001 and ISO 14001), plus the firm's Cyber Security andBusiness Continuity/Disaster Recovery (BC/DR) improvement programmes.
• R&BP Assistants : Provide administrative supportto the R&BP team, including the logging of informationsecurity and data protection incidents, and assisting the R&BPSolicitor and CISM with the management of the firm's internal andexternal audit programmes.
• Due Diligence Officers : Support solicitors with theonboarding of new clients, including compliance with ourobligations under the Money Laundering Regulations

The role

As the firm's ISO management systemcontinues to evolve, the Information Security Assistant will supportthe CISM and contribute to the team by carrying out the followingkey tasks:

Supporting the InformationSecurity Manager (CISM):

• Maintenance of the firm's ISOManagement System, including preparing for our annual ISO audits,setting up interviews with audit participants, and dealing withinvoicing and other administrative aspects associated with theaudits, (including following up and closing out agreed audit actions)
• Collating information for andcompletion of Information Security (InfoSec) and Cyber Security(CyberSec) questionnaires received from clients.
• Rolling out InfoSec/CyberSectraining across the firm and ensuring completion of outstanding training
• Contributing toInfoSec//CyberSec related change projects, and handling day-to-day queries
• Coordinating meetings ofinternal stakeholders to drive improvements in compliance inInfoSec and CyberSec policies, processes and procedures andaddress specific InfoSec/CyberSec issues.
• Assisting with the testing ofBusiness Continuity plans, and Business Impact Assessment (BIA)across the firm, with a view to the firm achieving ISO 22301(business continuity) in due course.
• Undertaking such other duties as may berequired within the general scope of the role
• Providing additional support tothe R&BP team.
• Dealing with emails and callsrelating to client queries and complaints.
• Preparing and publishingintranet news items for the R&BP team.
• Updating R&BP team policiesand guidance on the Know How database, and updating relevant linkson the intranet
• Creation of new internalapproval processes using HighQ Collaborate.

What we are looking for from you

The successful candidate will have:

• A careful, methodical approach withexcellent attention to detail and strong personal organisation toensure that issues are followed through and closed out.
• The ability to prioritise work (andreprioritise where urgent issues arise), deliver to pace and to deadlines,
• The ability to work independently and ontheir own initiative, being ambitious for improvement across thefirm, but mindful of, & subject to the priorities set by theDirector of Risk and the wider firm strategy.
• Ability to develop and buildupon strong relationships with key stakeholders within the firm
• Excellent written and verbalcommunication skills.
• The ability to identify improvements toworking practices within the R&BP team so as to maximise efficiency.
• Ability to take ownership oftasks and manage own workload to meet deadlines, identifying anyrisks to agreed deadlines and addressing these proactively.
• Ability to deliver work of ahigh quality, whilst ensuring that time allocated to particulartasks is proportionate.
• Proactive, self-motivated andflexible approach.
• In dealings with external thirdparties, being an effective ambassador and advocate for the firm,its culture and values.

Whilst not a requirement, thefollowing would also be an advantage:

• Relevant experience of workingin a business involved in the provision of legal services
• Experience in ISO management systems andaccreditations and/or Lexcel
• Familiarity with Microsoftapplications (Outlook, Word, Excel, PowerPoint, SharePointDesigner and Visio).
• Good working understanding of ITsystems (including document management systems such asFileSite/iManage, finance systems such as 3E, case managementsystems such as MatterSphere, online training systems such asVinciWorks, and cloud-based content-sharing sites such as HighQ Collaborate).
• Awareness of the key principlesof GDPR, Information Security and Quality Management

Work with approachable people

When we ask colleagues what makesBevan Brittan a great place to work, the most popular thing they sayis "the people". The overwhelming consensus is that wemake time for each other. We welcome questions and support eachother. Naturally, we look for new colleagues who align with ourvalues.

Supported to be your best

We operate a hybrid working model based onthe needs of our clients, teams and people. Our core business hoursare 9am - 5:15pm Monday to Friday, but we're open to our peopleworking more flexibly around those times and welcome a conversationwith you if you have any questions about this. We try to offer you the flexibility towork your week in a way that suits you.

Learning, Development & Progression

We're committed to supporting yourprofessional and personal development needs.This means that we offera range of tailored training courses and you will have lots ofopportunity to learn from those around you. We actively encourageprogression and this is reflected in our annual review and promotionprocesses. You will be supported by your line manager to achieveyour full potential.

As a Bevan Brittan employee, you'll haveaccess to a variety of services that support your wellbeing. We'vepledged our commitment to The Mindful Business Charter and lots ofour people contribute to our Wellbeing Responsible Business strand,which organises an annual calendar of wellbeing events and initiatives.

• A minimum of 25 days holiday(plus the option to buy up to an additional 5 days)
• Discretionary bonus scheme
• Private medical insurancethrough Vitality
• Biennial private healthassessment through Nuffield Health
• Life assurance
• Access to Employee Assistance Programme
• Cycle to work scheme

Embracing our differences andvaluing inclusion

Our shared aim is that everyone is welcome and can feel comfortable being themselves atBevan Brittan. To support this, we actively value and promoteequality, diversity and inclusion in everything that we do. You'll beempowered and supported through our employee led networks, diversecolleagues, and a broad range of firmwide initiatives.

Recognising the unique contributions thata diverse workforce can bring to our business, we encourageapplications from people of all backgrounds. We take great pride inbeing a Disability Confident Employer. If you need any adjustmentsthroughout the recruitment process or have any questions, please getin touch with our recruitment team by emailing recruitment@bevanbrittan.com

Acting responsibly, now and forthe future

To us, being a responsible business issecond nature; a core part of Bevan Brittan's identity. Our colleagues are heavily involved inshaping and delivering activity across the four pillars of our ResponsibleBusiness strategy : Community Engagement; EnvironmentalSustainability; Equality, Diversity & Inclusion; and Wellbeing.

Our people deliver pro bono legal work forcharities and not-for-profit organisations. We play an active rolein our local communities and donated £100,000 across our fourregional office charities last year. We are also proudly carbonneutral. We've achieved the UN's Climate Neutral Now accreditationand our environmental sustainability plan focuses on achieving ournet zero carbon target by 2040.

Collectively, the four pillars ensure welook after our colleagues' wellbeing; offer an environment in whicheveryone can progress on merit, give something back to thecommunities in which we work; and protect the environment.