Herbert Smith Freehills Kramer is a world-leading global law firm, where our ambition is to help you achieve your goals.

Exceptional client service and the pursuit of excellence are at our core. We invest in and care about our client relationships, which is why so many are longstanding. We enjoy breaking new ground, as we have for over 170 years.

As a fully integrated transatlantic and transpacific firm, we are where you need us to be. Our footprint is extensive and committed across the world's largest markets, key financial centres and major growth hubs.

At our best tackling complexity and navigating change, we work alongside you on demanding litigation, exacting regulatory work and complex public and private market transactions. We are recognised as leading in these areas.

We are immersed in the sectors and challenges that impact you. We are recognised as standing apart in energy, infrastructure and resources. And we're focused on areas of growth that affect every business across the world.

All of this is achieved by supporting the growth of our people, who help us deliver on our ambition - which is to help you achieve yours.

Herbert Smith Freehills Kramer: Your goals. Our ambition

The Opportunity

Are you passionate about information security, data privacy, and helping organisations build strong governance foundations? This is a fantastic opportunity to join our global Information Security and Data Privacy teams in a newly created role supporting our Australia and Asia offices.

We're looking for someone who thrives in a collaborative environment, enjoys working across diverse teams, and is ready to make a meaningful impact on how we protect our firm, our people, and our clients.

What you'll do

• Provide assurance to external stakeholders through:

  • Responding to client information security requests;

  • Supporting external certification audits; and

  • Engaging in client site audits.

• Support the ongoing maintenance and expansion of our ISO 27001 certification, including preparing business units for certification and maintaining ISMS documentation and tools.

• Assess risks for new initiatives and support internal security audits.

• Contribute to the delivery of our global data privacy programme.

• Manage day-to-day user behaviour and data leakage monitoring.

• Support ongoing security and privacy education and awareness across the firm.

• Provide practical information security and privacy advice to internal teams

• Assist with security- and privacy-related incidents and operational issues

• Collaborate with stakeholders across IT, Risk, HR, and legal teams

• Stay on top of emerging security and privacy risks, regulations, and best practices

Note: This is a governance, risk and compliance (GRC) focused role, not a technical cybersecurity engineering position, though a solid understanding of IT and cyber concepts is essential.

What you'll bring

• A degree in a relevant technical or related field.

• Approximately 3 years' experience in information security or privacy role ideally within a law firm or professional services environment.

• Strong knowledge of ISO 27001.

• Understanding of global privacy requirements, ideally including APAC regulations

• Certifications such as CISSP, CISA, CISM, MSc Security, ISO 27001 Lead Auditor (advantageous but not essential).

• Ability to analyse complex security risks and controls.

• Familiarity with security standards, frameworks and regulations.

• An adaptable, proactive working style and strong relationship-building skills.

• An innovative mindset, curious about AI and emerging technologies.

Compensation

Exact compensation may vary based on skills and experience and salary range (inclusive of superannuation) is $95,000 - $110,000 AUD.

What you can expect from us

• We're a world leading international law firm with a global team of over 6,000 professionals across 26 offices. As the market leader in Australia, we are committed to high performance, collaboration, diversity and digital innovation. We are client-centred, commercially driven, and renowned for our solution-focused expertise. We will align your growth with our ambitions.

• We make your personal and professional growth our business. And as part of the team, our ambition is yours too. Wherever you are in your career: grow and help the firm grow with you.

• We will provide opportunities to learn on the job as well as a mix of learning opportunities tailored to you. Daily experiences, supportive challenges, team collaboration, mentors, and structured learning opportunities help you to expand your knowledge and reach your goals.

• We value your wellbeing, both at home and work and we place a strong emphasis on mental health. If you need support, you'll have it and we'll empower you to harness your personal strengths, navigate uncertainty, embrace opportunities, and effectively manage things within your control.

• For more benefits on offer such as our holistic wellbeing fund or home office allowance please .

• Join us to be part of a human, bold and outstanding team at Australia's market leading law firm.

We are committed to attracting people from all backgrounds and creating a respectful and inclusive culture where everyone thrives. We see this as essential to our success, including our ability to innovate and achieve sustained high performance. This is a key part of our Values-Human, Bold, and Outstanding.

Team

General Counsel and RiskFull time

Location

Sydney

Contract type

Permanent Contract

Diversity & Inclusion

We are committed to attracting people from all backgrounds and creating a respectful and inclusive culture where everyone thrives. We see this as essential to our success, including our ability to innovate and achieve sustained high performance. This is a key part of our Values-Human, Bold, and Outstanding.