Modular Services

Modular Services helps law firms reduce tech friction with end-to-end business support. It delivers IT services, finance operations, and project management through 24/7 service desk, security operations, and custom development, including ServiceNow integrations. Key capabilities include application development, e-billing, matter administration, data backup and disaster recovery, and robotic process automation. The team of over 150 experts holds ITIL, Prince2, and Six Sigma certifications and leverages vendor-specific credentials. With experience serving top UK law firms and international clients, Modular Services aims to scale legal operations through flexible, client-centric delivery.

Application DevelopmentBusiness SupportCyber SecurityFinance OperationsIT OperationsLegaltechManaged ServicesProject Managementmodular.services

Modular Services

Application DevelopmentBusiness SupportCyber SecurityFinance OperationsIT OperationsLegaltechManaged ServicesProject Managementmodular.services

HQBucharest, RO

Team Size182

Open Jobs4

Total Funding-

Latest FundraiseUnknown

Join the Team

Information Security Manager

HybridIasi Metropolitan Area, RO

Hybrid • Iasi Metropolitan Area, RO

Teeming tracks opportunities at over 24,000 AI startups, then works with you to find (and land) the one you'll love.

Data Scientist

ContractBelgrade, RS

Contract • Belgrade, RS

Mobile Developer

Full-timeSan Francisco, US

Full-time • San Francisco, US

Frontend Developer

InternshipManchester, GB

Internship • Manchester, GB

Mobile Developer

Part-timeUtrecht, NL

Part-time • Utrecht, NL

Data Scientist

InternshipNew York, US

Internship • New York, US

DevOps Engineer

Part-timeSan Francisco, US

Part-time • San Francisco, US

About the role

The Information Security Manager will work for a client company, CMS Legal. The main focus of this role is to support the Information Security & Risk Officer / CISO and the global CMS IT Security Group in achieving the agreed level of information security across CMS Legal Services locally and to support CMS member firms globally by promoting best practices and shared services.

Reporting directly to the Information Security & Risk Officer / CISO, the role ensures adherence to security policies and standards within CMS Legal Services operations. It plays a key role in the Cyber Risk Management process, contributing to audit outputs, vulnerability reporting, and risk assessments. The role also supports the implementation of security controls and governance frameworks such as ISMS, ISO 27001 and CIS Controls.

The position works closely with the IT Security Manager to define technical requirements, establish best practices and provide support on all matters related to information security across business units and third parties.

Key Responsibilities

Governance & Strategy

• Support the development and rollout of the CMS Legal Services ISMS and global InfoSec strategy

• Assist in defining and maintaining information security policies, standards and procedures

• Contribute to the establishment of an Information Security Governance structure with clear documentation and escalation paths

• Align local practices with global frameworks such as ISO 27001 and CIS Controls

Risk Management & Compliance

• Maintain and update the organizational risk register

• Monitor and report on vulnerabilities, threats and risk mitigation status to senior management

• Ensure compliance with internal policies and external regulations, including GDPR and contractual obligations

• Support the implementation of Microsoft Purview and other tools for compliance monitoring in Azure environments

Information Security Awareness & Campaigns

• Develop and deliver security awareness programs tailored to different user groups

• Organize regular training sessions, phishing simulations and educational campaigns

• Promote a security-conscious culture across CMS Legal Services and member firms

• Track participation and effectiveness of awareness initiatives and report outcomes to senior management

Technical Security Operations

• Collaborate with IT Security Manager to define technical security requirements and best practices

• Oversee external vulnerability scanning and penetration testing activities

• Support the classification and protection of information assets

• Ensure effective cybersecurity controls are in place at both organizational and application levels

Incident Management & Response

• Develop and maintain incident response plan and procedures

• Act as a member of the incident response team during security events

• Conduct regular security incident drills and lead improvement initiatives

Communication & Coordination

• Participate in weekly IT Security calls and steering committee meetings

• Coordinate with internal teams and third-party providers to ensure security requirements are met

• Provide guidance and support to business units and member firms on InfoSec matters

• Establish KPIs and reporting structures to inform senior management on risk and security posture

Requirements

Minimum of 4 years of relevant work experience
Proven experience in establishing and maintaining an ISMS (ISO 27001)

If you are interested in this position, you can send your CV via e-mail, as well, at: ioana.andrei@modular.services