x
Get our mobile app
Fast & easy access to Jobstore
Use App
Congratulations!
You just received a job recommendation!
check it out now
Browse Jobs
Companies
Campus Hiring
Download App
Jobs in Singapore   »   Jobs in Singapore   »   Quality Assurance / Control Job   »   Senior InfoSec Compliance Specialist
 banner picture 1  banner picture 2  banner picture 3

Senior InfoSec Compliance Specialist

Allen & Overy Llp

Allen & Overy Llp company logo

Allen & Overy

Allen & Overy is a leading global law firm operating in over thirty countries. We work on some of the most challenging and important deals and have built a reputation for delivering exceptional legal solutions that help our clients grow, innovate and thrive. Our business teams work hand-in-hand with our lawyers, Consultants and other specialist teams, and are ambitious, driven and leaders in their field. The legal industry is changing, and we're committed to leading that change by putting our people first, embracing new ways of thinking and integrating technology into our everyday work.


With us, you will constantly be learning and growing. We invest in you by offering exceptional professional and personal development – providing training, mentoring and practical support. We offer rewarding careers that are built around your strengths and designed to ensure you can achieve your personal and professional goals, recognising that those may look different for everyone.


We have a powerful commitment to diversity, equity and inclusion. We’re determined to play our part in advancing a workplace where progress is made by harnessing our differences – whatever defines you, we ask you to bring your whole self to work.


What truly defines a career at Allen & Overy? We recruit the best and ask for the best of you. We provide challenge, support and a place for you to belong. And together we excel, working on meaningful projects of global significance.


Department purpose

This role sits within the Global Information Security team within Allen & Overy. Information Security is charged with the ongoing protection of the valuable information the firm holds and processes. This includes responsibility for cyber security, the protection of digital services and support to various internal stakeholders requiring information to manage our client relationship.


Role purpose

The key purpose of the InfoSec Compliance Specialist role is to support the client audit and compliance teams who require detailed information relating to the firm’s policies and processes that secure our client data. This role provides a link between client audit and compliance and the IT function and the geographic location allows us to extend the working day by adopting “follow the sun” working.


Role and responsibilities

  • Leading Information Security activities within the APAC Region
  • Close team working with colleagues in the EU and US timeszones
  • Timely completion of client compliance questionnaires relating to information security
  • Supporting Information Security compliance activities associated with ISO27001 and SOC2
  • Capture of evidence to support on-site audits
  • Ensuring all client facing information security documentation is accurate and up-to-date
  • Reviewing and maintaining Information Security and IT policies
  • Working with technical specialists in IT to respond to client queries
  • Review of client terms of engagement and/or outside counsel guidelines
  • Supporting senior members of the information security team with remediation work
  • Supporting external security certification and surveillance audits including ISO27001:2022
  • Supporting the review of suppliers and 3rd parties in relation to their information security controls
  • Supporting senior members of the information security team with ad-hoc project work

Key Relationships

  • Information Security GRC Manager
  • Client engagement and audit teams.
  • Members of the Information Security team.
  • In-house legal team.
  • Business acceptance team.
  • Other IT functions as required (for example networks team, email team).
  • Client Relationship managers / partners.
  • External auditors.
  • Suppliers who handle/process A&O data.

Competencies for success

  • Articulate / fluent written / spoken English
  • Significant experience with Information Security Certifications, such as ISO27001, SOC2
  • Significant experience with Governance, Risk and Compliance functions
  • Excellent verbal and written communication skills
  • Ability to communicate technical issues in a clear and simple manner
  • Ability to work under pressure and tight timescales
  • Comfortable dealing with different levels of seniority across the firm and its clients
  • Ability to review large volumes of data and make good assessments quickly
  • Ability to multi-task and juggle changing priorities
  • Ability to manage conflicting priorities
  • Comfortable dealing with ambiguity
  • Attention to detail and precise working
  • Commercially minded
  • Logical, methodical working
  • Ability to structure work to hand over to others (follow the sun working)
  • 5+ years’ experience working in Information Security/ IT Audit roles
  • At least 3 year’s experience in a similar role
  • Willingness to travel (especially to London)
  • Flexible
  • Reliable
  • Objective driven
  • Posess a “can do “ attitude
  • Excellent situational awareness
  • Confident to take ownership when required

Qualifications and work experience

  • Computer Science degree, CISSP / CISA desired but not essential.
  • Previous experience of legal or professional services.
✱   This job post has expired   ✱

Sharing is Caring

Know others who would be interested in this job?