IT Security Manager

Job description

Position Title: IT Security Manager

Contract: Interim / Contractor

Reports to: Head of Technology

Our Firm:

Sterlington is an international law firm that combines legal and commercial excellence with modern ways of practicing. Our high-caliber partners work on complex business matters with a tailored approach to client service and a focus on financial flexibility and innovation. Learn more at:www.sterlingtonlaw.com.

Responsibilities:

• The role involves overseeing cybersecurity operations, ensuring compliance with security policies, and managing a team of security personnel

• Collect and maintain data needed to meet system cybersecurity reporting

• Ensure daily report and any other cyber or system security reporting deadlines are met

• Escalate or oversee the escalation of cybersecurity issues in accordance with organizational policy

• Ensure cybersecurity procedures and best practices are properly documented, formatted, and disseminated using standard operating procedure templates

• Ensure cybersecurity requirements are integrated into the continuity planning for the system(s) and/or organization(s)

• Evaluate and execute security tool development efforts to ensure that baseline security safeguards are appropriately installed

• Manage the monitoring of information security data sources to maintain organizational situational awareness

• Ensure that plans of actions and milestones or remediation plans are in place for vulnerabilities identified during risk assessments, audits, inspections, etc

• Responsible for managing a team of security personnel, advising senior leadership of threats to security, and proposing changes to the company’s policies to reduce the organization’s risk

• Exhibit technical skill in configuring and maintaining cybersecurity tools

• Oversee ongoing operations of security assets to ensure that a defense in depth security model is in place

• Ability to review logs for unusual or suspicious activity, interpret and make recommendations for resolution

Required experience

• Minimum of 10 years IT experience, with at least 5 years in an information security role and at least 3 years of management/supervisory experience

• Proficiency in security frameworks including ISO27001, Cyber Essentials, SOC2, NIST CSF ad CIS

• Active CISSP/CISM certification

• Proven experience managing or working closely with Security Operations Centres (SOC) including incident response and threat detection.

• Strong technical hands on experience working with MS security solutions, including Defender, Entra ID and Microsoft Purview.

• BS in Cybersecurity or related field

• A strong understanding of the business impact of security tools, technologies, and policies

• Excellent customer service with an ability to ‘translate’ security and technical terminology so the customer can understand