Information Security Analyst

Job Title: Information Security AnalystAt Foot Anstey, we’re building something bold — and secure. If you’re looking for a hands-on role where your structured thinking, documentation skills, and collaborative mindset will help shape our long-term information security maturity, we’d love to hear from you.We’re one of the UK’s most forward-thinking law firms, built on a foundation of innovation, collaboration, and ambition. Join us, and let’s shape the future together.* We are in a period of exclusive direct sourcing for this role and are not currently accepting applications from recruitment agencies.________________________________________The role in 60 secondsRole: Information Security AnalystTeam: ITLocation: Hybrid working from Bristol, Exeter, Plymouth or Southampton Working Pattern: Full timeWhy this role matters: As part of our continued investment in technology and risk, we’re looking for an experienced person to help shape and embed our Information Security Management System (ISMS) as we prepare for ISO 27001 certification._______________________________________What you’ll doYou’ll be a key contributor to our Cyber & Information Security team, working across the business to ensure our security policies and processes are not only robust, but practical and well understood.In this role you’ll:Support the design and implementation of our ISMS aligned to ISO 27001 and NIST CSFCreate and maintain security documentation including policies, standards and proceduresConduct risk assessments and maintain treatment plans and asset registersGather and manage audit evidence for internal and external reviewsSupport policy rollout and adoption across technical and non-technical teamsAssist with third-party assurance and vendor risk activitiesCollaborate with Cyber Defence and 3rd Line Teams to align technical controlsContribute to our security awareness and training programme________________________________________What we’re looking forWe’re looking for someone who enjoys structured delivery, takes pride in clear documentation, and thrives in a collaborative environment. You’ll bring:A strong understanding of information security principles and frameworks (ISO 27001, NIST CSF, Cyber Essentials Plus)Experience supporting ISMS implementation or maintenanceExcellent documentation and communication skillsFamiliarity with Microsoft 365 Security, Azure AD, and endpoint protection toolsA methodical approach and attention to detailA proactive mindset and commitment to continuous improvementCertifications such as CISSP, CISM, or ISO 27001 Lead Implementer are desirable but not essential.________________________________________Join a seriously ambitious firmAt Foot Anstey, we’re committed to making a difference for our people, our clients, and society. Here’s what makes us stand out:An ambitious growth strategy that opens up opportunities for our people to make their mark.A client base that spans household names, thriving startups, and ambitious enterprises.A culture built on our values of being refreshingly human, entrepreneurial, inclusive and collaborative.A strong focus on being a responsible business with a commitment to sustainability and giving back to our communities.Comprehensive professional development and training – whatever your role and level we have training that will support you to achieve your goals.________________________________________Progressive benefits tailored to youWe believe our people are our greatest asset. That’s why we offer a comprehensive benefits package designed to support your professional growth and personal wellbeing, including:Competitive salary and performance-linked bonus.Enhanced parental leave policies.Private healthcare and wellbeing initiatives (e.g., mental health support, gym memberships).An open, flexible working environment.Find out more about our benefits and work environment here Life at Foot Anstey | Foot Anstey________________________________________Ready to apply? Hit the “Apply Now” button.Send us your CV and a quick note on why this role is perfect for you.Our team will review your application and be in touch, whatever the outcome.Invited for interview?With a straightforward process typically involving two interviews, our talent acquisition team will guide you through every step, ensuring you feel confident and prepared to show us what you can do.We’re here to support your individual needs. If you require any adaptations or adjustments, we’re more than happy to accommodate these. Before your interview, we’ll contact you to discuss the themes we’ll cover and answer any questions you might have.If you’d like to visit our offices prior to your interview or would like help testing your kit for your virtual interview, just let us know.Let’s make your next career move the start of something extraordinary.