IT Security Manager - remote

Position Title: IT Security Manager

Contract: Interim / Contractor

Reports to: Head of Technology

Our Firm:  

Sterlington is an international law firm that combines legal and commercial excellence with modern ways of practicing. Our high-caliber partners work on complex business matters with a tailored approach to client service and a focus on financial flexibility and innovation. Learn more at: www.sterlingtonlaw.com.  

Responsibilities:

• The role involves overseeing cybersecurity operations, ensuring compliance with security policies, and managing a team of security personnel
• Collect and maintain data needed to meet system cybersecurity reporting
• Ensure daily report and any other cyber or system security reporting deadlines are met
• Escalate or oversee the escalation of cybersecurity issues in accordance with organizational policy
• Ensure cybersecurity procedures and best practices are properly documented, formatted, and disseminated using standard operating procedure templates
• Ensure cybersecurity requirements are integrated into the continuity planning for the system(s) and/or organization(s)
• Evaluate and execute security tool development efforts to ensure that baseline security safeguards are appropriately installed
• Manage the monitoring of information security data sources to maintain organizational situational awareness
• Ensure that plans of actions and milestones or remediation plans are in place for vulnerabilities identified during risk assessments, audits, inspections, etc
• Responsible for managing a team of security personnel, advising senior leadership of threats to security, and proposing changes to the company's policies to reduce the organization's risk
• Exhibit technical skill in configuring and maintaining cybersecurity tools
• Oversee ongoing operations of security assets to ensure that a defense in depth security model is in place
• Ability to review logs for unusual or suspicious activity, interpret and make recommendations for resolution
  
  

Required experience

• Minimum of 10 years IT experience, with at least 5 years in an information security role and at least 3 years of management/supervisory experience
• Proficiency in security frameworks including ISO27001, Cyber Essentials, SOC2, NIST CSF ad CIS
• Active CISSP/CISM certification
• Proven experience managing or working closely with Security Operations Centres (SOC) including incident response and threat detection.
• Strong technical hands on experience working with MS security solutions, including Defender, Entra ID and Microsoft Purview.
• BS in Cybersecurity or related field
• A strong understanding of the business impact of security tools, technologies, and policies
• Excellent customer service with an ability to 'translate' security and technical terminology so the customer can understand