Location Bristol Description Make a Real Impact Bevan Brittan is a leading commercial law firm. Alongside our recognised expertise in housing, local government, and health and social care, we are specialists in the construction, energy and resource management, higher education and financial services sectors. Supported by our valued business services professionals, our award-winning and growing legal teams provide almost 2,000 organisations with commercial, corporate, property, finance, regulatory, employment and litigation (commercial and clinical negligence) legal and advisory services. As a responsible business, we embrace four values: Relationships, Reputation, Responsible and Results. These give us a sense of purpose. They influence the decisions we make and how we work with each other. Importantly, they motivate us to deliver meaningful outcomes for our clients and the communities that we're part of. Consistently recognised as one of The Times Best Law Firms and highly ranked across the legal directories, we are proud of our hard-earned reputation. Our 2023/24 financial results confirmed both revenue and profit growth for an eleventh consecutive year, ensuring our ability to continue investing in our people. Looking to the future, we're targeting ambitious growth and success. And we're looking for the best people to be part of it. Join a team of experts and progressive thinkers The successful candidate will join Bevan Brittan's growing Risk & Best Practice (R&BP) team. Whilst the team is based in Bristol, suitable candidates based in the Birmingham or Leeds areas would also be considered. The team is responsible for operating, maintaining and monitoring the firm's Management System (ISO 9001, ISO 27001, ISO 22301 and ISO 14001), ensuring firm-wide compliance with legal and regulatory requirements and promoting Best Practice within the firm and by third parties working with the firm. Current R&BP team members include: Director of Risk : A board member and head of the R&BP team, has overall responsibility for Best Practice, Information Security and Environmental Management at strategic level. R&BP Solicitors: Provide a front-line risk and regulatory advice service to the firm, and the firm's management. Information Security Manager (CISM) : Oversees the day-to-day operation and maintenance of the firm's Management System (ISO 9001, ISO 27001 and ISO 14001), plus the firm's Cyber Security and Business Continuity/Disaster Recovery (BC/DR) improvement programmes. R&BP Assistants : Provide administrative support to the R&BP team, including the logging of information security and data protection incidents, and assisting the R&BP Solicitor and CISM with the management of the firm's internal and external audit programmes. Due Diligence Officers : Support solicitors with the onboarding of new clients, including compliance with our obligations under the Money Laundering Regulations The role As the firm's ISO management system continues to evolve, the Information Security Assistant will support the CISM and contribute to the team by carrying out the following key tasks: Supporting the Information Security Manager (CISM): Maintenance of the firm's ISO Management System, including preparing for our annual ISO audits, setting up interviews with audit participants, and dealing with invoicing and other administrative aspects associated with the audits, (including following up and closing out agreed audit actions) Collating information for and completion of Information Security (InfoSec) and Cyber Security (CyberSec) questionnaires received from clients. Rolling out InfoSec/CyberSec training across the firm and ensuring completion of outstanding training Contributing to InfoSec//CyberSec related change projects, and handling day-to-day queries Coordinating meetings of internal stakeholders to drive improvements in compliance in InfoSec and CyberSec policies, processes and procedures and address specific InfoSec/CyberSec issues. Assisting with the testing of Business Continuity plans, and Business Impact Assessment (BIA) across the firm, with a view to the firm achieving ISO 22301 (business continuity) in due course. Undertaking such other duties as may be required within the general scope of the role General Risk & Best Practice Support Providing additional support to the R&BP team. Dealing with emails and calls relating to client queries and complaints. Preparing and publishing intranet news items for the R&BP team. Updating R&BP team policies and guidance on the Know How database, and updating relevant links on the intranet Creation of new internal approval processes using HighQ Collaborate. What we are looking for from you The successful candidate will have: A careful, methodical approach with excellent attention to detail and strong personal organisation to ensure that issues are followed through and closed out. The ability to prioritise work (and reprioritise where urgent issues arise), deliver to pace and to deadlines, The ability to work independently and on their own initiative, being ambitious for improvement across the firm, but mindful of, & subject to the priorities set by the Director of Risk and the wider firm strategy. Ability to develop and build upon strong relationships with key stakeholders within the firm Excellent written and verbal communication skills. The ability to identify improvements to working practices within the R&BP team so as to maximise efficiency. Ability to take ownership of tasks and manage own workload to meet deadlines, identifying any risks to agreed deadlines and addressing these proactively. Ability to deliver work of a high quality, whilst ensuring that time allocated to particular tasks is proportionate. Proactive, self-motivated and flexible approach. In dealings with external third parties, being an effective ambassador and advocate for the firm, its culture and values. Whilst not a requirement, the following would also be an advantage: Relevant experience of working in a business involved in the provision of legal services Experience in ISO management systems and accreditations and/or Lexcel Familiarity with Microsoft applications (Outlook, Word, Excel, PowerPoint, SharePoint Designer and Visio). Good working understanding of IT systems (including document management systems such as FileSite/iManage, finance systems such as 3E, case management systems such as MatterSphere, online training systems such as VinciWorks, and cloud-based content-sharing sites such as HighQ Collaborate). Awareness of the key principles of GDPR, Information Security and Quality Management Work with approachable people When we ask colleagues what makes Bevan Brittan a great place to work, the most popular thing they say is "the people". The overwhelming consensus is that we make time for each other. We welcome questions and support each other. Naturally, we look for new colleagues who align with our values. Supported to be your best Hybrid working We operate a hybrid working model based on the needs of our clients, teams and people. Our core business hours are 9am - 5:15pm Monday to Friday, but we're open to our people working more flexibly around those times and welcome a conversation with you if you have any questions about this. We try to offer you the flexibility to work your week in a way that suits you. Learning, Development & Progression We're committed to supporting your professional and personal development needs.This means that we offer a range of tailored training courses and you will have lots of opportunity to learn from those around you. We actively encourage progression and this is reflected in our annual review and promotion processes. You will be supported by your line manager to achieve your full potential. Wellbeing As a Bevan Brittan employee, you'll have access to a variety of services that support your wellbeing. We've pledged our commitment to The Mindful Business Charter and lots of our people contribute to our Wellbeing Responsible Business strand, which organises an annual calendar of wellbeing events and initiatives. Benefits A minimum of 25 days holiday (plus the option to buy up to an additional 5 days) Discretionary bonus scheme Generous pension scheme Private medical insurance through Vitality Biennial private health assessment through Nuffield Health Life assurance Access to Employee Assistance Programme Cycle to work scheme Embracing our differences and valuing inclusion Our shared aim is that everyone is welcome and can feel comfortable being themselves at Bevan Brittan. To support this, we actively value and promote equality, diversity and inclusion in everything that we do. You'll be empowered and supported through our employee led networks, diverse colleagues, and a broad range of firmwide initiatives. Recognising the unique contributions that a diverse workforce can bring to our business, we encourage applications from people of all backgrounds. We take great pride in being a Disability Confident Employer. If you need any adjustments throughout the recruitment process or have any questions, please get in touch with our recruitment team by emailing recruitment@bevanbrittan.com Acting responsibly, now and for the future To us, being a responsible business is second nature; a core part of Bevan Brittan's identity. Our colleagues are heavily involved in shaping and delivering activity across the four pillars of our Responsible Business strategy : Community Engagement; Environmental Sustainability; Equality, Diversity & Inclusion; and Wellbeing. Our people deliver pro bono legal work for charities and not-for-profit organisations. We play an active role in our local communities and donated £100,000 across our four regional office charities last year. We are also proudly carbon neutral. We've achieved the UN's Climate Neutral Now accreditation and our environmental sustainability plan focuses on achieving our net zero carbon target by 2040. Collectively, the four pillars ensure we look after our colleagues' wellbeing; offer an environment in which everyone can progress on merit, give something back to the communities in which we work; and protect the environment.