Information Governance, Communications, and Policy Specialist

Information Governance Communications & Policy Specialist

Our client a respected and multi-disciplinary law firm is seeking an Information Governance Communications and Policy Specialist to own and enhance the firms Information Security Management System (ISMS). The role is responsible for ensuring the highest standards of data governance driving compliance with key regulations and embedding a security-first culture across the organisation.

This position blends policy development compliance management and strategic communication. The successful candidate will work closely with leadership IT and Risk teams translating complex regulatory requirements into clear effective and audit-ready policies that uphold the firms reputation for precision and integrity.

Location: Malta

Responsibilities:

As an Information Governance Communications and Policy Specialist your broad responsibilities will include but are not limited to:

Develop draft and maintain internal IT and security policies aligned with ISO27001 GDPR and other relevant regulatory frameworks.

• Collaborate with IT Risk and Compliance teams to ensure policies are practical effective and accurately reflect operational processes.

• Monitor regulatory updates from key bodies perform gap analysis and recommend necessary policy improvements to ensure continuous compliance.

• Support the end-to-end internal and external audit process for ISO27001 assisting with corrective actions and maintaining all required evidence.

• Act as the primary point of contact for responding to client security questionnaires and due diligence requests.

• Champion internal security awareness initiatives including training and communications to foster a robust security culture.

• Ensure all governance documentation is meticulously structured version-controlled and audit-ready at all times.

Requirements:

• A degree in Business IT Computing Law or a related field.

• Progressive experience in a role focused on information governance compliance policy management or IT audit.

• A strong understanding of information security frameworks particularly ISO27001 and the principles of policy and procedure documentation.

• Experience within a regulated environment (e.g. financial services corporate services iGaming or law firms) is highly beneficial.

• Excellent written and verbal communication skills in English with the ability to create clear structured and polished documentation.

• A proactive and detail-oriented mindset with a proven ability to improve processes and documentation frameworks.

• Strong collaborative skills with the ability to communicate confidently and effectively with stakeholders at all levels.

• Relevant certifications (or progress towards) such as CISA CISM CISSP or CRISC would be considered an asset.

This is an exceptional opportunity to apply your expertise and contribute to the success of a high-performing organisation with a global presence.

What we offer:

Competitive Compensation: You will receive a highly competitive compensation package which includes a competitive base salary performance bonuses and other incentives all reflective of your experience and contribution.

Work-Life Balance: We value work-life balance and offer flexible working arrangements recognising that achieving your best in your career requires a healthy balance between work and personal life.