Cybersecurity Manager

About Us 

Avvoka is a leading legal technology company specialising in document automation   – we've been used to help to produce contracts to licence Game of Thrones, open famous fast-food franchises, and buy and sell billion-dollar companies. Our software platform empowers law firms and in-house legal teams to draft, negotiate, and manage contracts more efficiently. We’re a team that is passionate about changing the way the world contracts – we don’t take ourselves too seriously but love to push the technical boundaries and solve hard problems. We value a positive attitude and a good sense of humor, making our workplace enjoyable and collaborative. Join us and be part of a team that values innovation, quality, and a positive work environment! 

What We're Looking For 

Are you a seasoned Cyber Security Manager with a proven track record in safeguarding both cloud-based and physical hardware infrastructures. We’re looking for someone who excels at implementing cyber security best practices, ensuring robust protection for cloud environments, and maintaining high security standards for internal systems. As a senior security professional in the company, your goal is to ensure the security and protection of Avvoka assets by shaping the cybersecurity strategy. Your expertise would span across securing cloud-based platforms and reinforcing the security of physical hardware and internal networks. You would thrive in dynamic environments, possess excellent problem-solving skills, and are adept at developing and enforcing security protocols to protect sensitive data. You would report to the Chief Technology Officer and Avvoka’s Directors, and you would people manage one security analyst (at the time of this ad). 

This role would suit someone who thrives in a start-up environment, where you can choose to gain more responsibility and where your work would have immediate impact. Being a proactive person and having the capacity to predict and circumvent issues would be a great trait to have.

Key Responsibilities 

Cloud-Based Cyber Security 

• Design, implement, and manage security measures for cloud-based infrastructure. 
• Monitor cloud environments for security vulnerabilities and respond to threats in real-time. 
• Collaborate with cloud service providers to ensure compliance with security policies and regulations. 

Physical Hardware Cyber Security 

• Enforce security protocols for physical hardware and internal systems. 
• Conduct regular security audits and assessments of hardware to identify potential risks. 
• Implement measures to protect against hardware-based attacks and unauthorised access. 

Policy Development and Compliance  

• Create and update cyber security policies to reflect current best practices and emerging threats. 
• Ensure compliance with industry standards, legal requirements, and organisational policies, namely ISO 27001. 
• Conduct regular training programs for staff on security policies. 
• Assist in information security exercises requested by our key prospects and clients. 

Incident Response and Management 

• Lead the response to security incidents, including investigation, mitigation, and reporting. 
• Develop and maintain incident response plans and conduct regular drills to ensure preparedness. 
• Collaborate with internal and external stakeholders to manage and resolve security breaches effectively. 

Team Leadership and Development 

• Manage and mentor a cyber security analyst, providing guidance and support. 
• Conduct performance reviews and identify opportunities for professional development within the team. 
• Foster a collaborative and innovative team culture focused on continuous improvement and excellence in cyber security practices. 

This outlines your key responsibilities, but it is not an exhaustive list. Reasonable changes within the scope of your responsibilities may be required as the job develops.

Person Specification 

These are the top factors that you would need to be a successful candidate: 

• Professional English Language Proficiency 
• Minimum of 5 years of experience as a Cyber Security manager 
• Experience in implementing cyber security best practices in cloud-based & server infrastructure 
• Experience in implementing cyber security best practices in physical hardware & internal facing systems infrastructure 
• Strong knowledge of cyber security frameworks (e.g., NIST, ISO 27001, CIS Controls, SOC II) 
• Experience with security tools and technologies (e.g., SIEM, firewalls, IDS/IPS) 
• Relevant certifications (e.g., CISSP, CISM, CEH, CompTIA Security+) 
• Excellent analytical and problem-solving skills 
• Effective communication and interpersonal skills, with the ability to explain complex security concepts to non-technical stakeholders 

It would be a bonus if you also had the following: 

• Bachelor's degree in computer science, Information Technology, Cyber Security, or a related field 
• Forward-thinking and innovative – always looking for ways to improve processes 
• A love of how technology is disrupting old business models. 
• A reliable work ethic: a willingness to contribute when needed, even if the task is not strictly in your job description.