Information Security Officer Compliance & Risk
Do you have the skills and vision to strengthen information security while influencing stakeholders across a leading law firm?
We are looking for an experienced Information Security Manager in Aberdeen, Edinburgh or Glasgow. This is an exciting opportunity to lead our firm‑wide security strategy governance and operations. Working with Partners, the COO IT and Business Services you will maintain ISO 27001:2022 accreditation, strengthen resilience and safeguard client confidentiality.
This role will allow you to develop and maintain our information security strategy and control framework aligned to ISO 27001:2022, UK GDPR, the Data Protection Act 2018, the Law Society of Scotland, the SRA Standards and Regulations, and relevant NCSC guidance. You will lead on information security related risk management board‑level reporting and security metrics, oversee audits, certifications and client due diligence, and support the COO in leading on business continuity and disaster recovery testing, host external audits and client assessments, and articulate our security posture to bids.
You have proven experience in information security management within professional services, ideally a UK law firm or other regulated environment with strong knowledge of UK GDPR, the Data Protection Act 2018, the Law Society of Scotland and SRA requirements and relevant NCSC guidance. You are an excellent written and verbal communicator with partners, clients and auditors.
This is a high‑impact role with strategic influence, broad responsibility and direct engagement with senior stakeholders. You will champion a culture of accountability and continuous improvement backed by an organisation committed to excellence and client service.
Full details can also be found in our job specification.
If you have any questions or would like to discuss this opportunity in more detail please contact Jo McMonagle.
Burness Paull reserves the right to close this vacancy early if a sufficient number of applications are received for this role. Therefore, if you are interested please submit your application as early as possible.
Closing Date : 12 December 2025
Required Experience : Manager
Employment Type : Full‑Time
Experience : years
Vacancy : 1
#J-18808-Ljbffr