Risk & Compliance Officer - 14 Month FTC

About Ashurst

Ashurst is a leading progressive global law firm with a rich history spanning more than 200 years. We are proud of our history and are future-focused, having expanded into new technologies through our NewLaw division, Ashurst Advance, and our consulting arm. Our in-depth understanding of our clients and commitment to providing excellent standards of service have seen us become a trusted adviser to local and global corporates, financial institutions and governments in all areas of commercial law.

Department/Role overview

We are seeking a Risk & Compliance Officer to join our Risk & Compliance department in Glasgow. The ideal candidate would be a reliable and organised quick learner who is software conversant with a good eye for detail and analytical skills. The Data Loss & Insider Threat role is critical in safeguarding the firm's sensitive information, which includes client data, intellectual property, and internal communications.

Main responsibilities

Our Data Loss & Insider Threat Officers are predominantly responsible for managing the firm's Data Loss Prevention (DLP) system; assessing and escalating data loss incidents according to nature and severity, in line with client expectations; monitoring high risk users and flagging suspicious behaviour to senior management; following-up on non-compliance and raising awareness / educating staff on data loss prevention best practice to prevent data loss incidents from occurring in the first place.

The main duties of this role include:

• monitoring various data loss prevention (DLP) tools, scanning for security events that may constitute potential data loss for the firm or its clients;
• escalating potential incidents according to nature and severity in line with internal protocol, liaising with various stakeholders as required;
• monitoring and investigating high risk behaviours/suspicious activities;
• awareness raising activities and continuous improvement of incident management procedures;
• conducting routine audits of Risk and Compliance systems to ensure appropriate security policies have been applied in line with client terms; and
• supporting various stakeholders and the wider Risk & Compliance team with ad hoc queries and reporting.

Risk and Control: Ensure that all activities and duties are carried out in full compliance with our regulatory requires and internal policies.

Essential skills and experience

• Professional and discreet as confidential and sensitive information will be handled
• Exceptional attention to detail and a proactive approach to problem-solving
• Self-driven with ability to work independently and within a team environment
• A quick learner and conversant with technology/software
• Personable - comfortable communicating with stakeholders at all levels across the global firm
• Excellent communication skills both written and verbal

Desired skills and experience

• Previous experience working with various Data Loss Prevention software
• Previous experience working within a regulated environment
• Experience in developing data loss prevention policies and procedures

Background checks

In order to comply with regulatory and client requirements, Ashurst will undertake appropriate vetting of staff. When applicants accept a job offer, Ashurst, alongside a specialist provider, will undertake professional verification and background checks. These checks are only undertaken with consent, and in accordance with our legal and regulatory obligations.