Data Risk Officer; Information Security

Kennedys is looking for a Data Risk Officer (Information Security) to join the Risk & Compliance team, supporting the Global Information Security Manager in running the Information Security Management System (ISMS), ISO 27001 compliance, cloud security governance, and cyber resilience activities.

Kennedys Risk & Compliance team handles a wide range of partnership and risk and compliance issues for the firm and acts as an in-house legal department assisting with regulatory and professional conduct enquiries. Within this the Data Risk Team specialises in risk to data, privacy and information as well as compliance with associated regulations and best practise globally. This includes keeping abreast of new and emerging risks associated with ever developing technology such as AI.

• Support ISMS and ISO
  27001 control framework
• Assist with security risk assessments and audits
• Work with IT to define support cloud security and technology risk reviews
• Assist in cyber resilience and incident management
• Support monitoring, threat analysis, and vulnerability tracking
• Contribute to governance, reporting and training

• Knowledge of ISO
  27001/ISMS or other recognized security frameworks
• Understanding of cloud security principles
• Awareness of cyber security and resilience concepts
• Strong analytical and organisational skills
• Communication skills across technical and business teams

Kennedys is an equal opportunities employer and is committed to ensuring our recruitment processes are as inclusive as possible. We expect all employees to be aware of and comply with all relevant policies and procedures within their jurisdiction, including those relating to Information Security, Data Protection and Quality Management, refer any breach promptly to Risk & Compliance and to complete all mandatory training when requested.