IT Security Manager

Summary

Join Sterlington, an international law firm, as our IT Security Manager. This interim/contractor role reports to the Head of Technology and involves overseeing cybersecurity operations, ensuring compliance, and managing a security team. Responsibilities include collecting security data, meeting reporting deadlines, escalating cybersecurity issues, documenting procedures, integrating security into continuity planning, and evaluating security tools. You will also manage a team, advise senior leadership, and propose policy changes. The ideal candidate will have 10+ years of IT experience, including 5+ years in information security and 3+ years of management. A BS in Cybersecurity or a related field and active CISSP/CISM certification are required.

Requirements

• Minimum of 10 years IT experience, with at least 5 years in an information security role and at least 3 years of management/supervisory experience
• Proficiency in security frameworks including ISO27001, Cyber Essentials, SOC2, NIST CSF ad CIS
• Active CISSP/CISM certification
• Proven experience managing or working closely with Security Operations Centres (SOC) including incident response and threat detection
• Strong technical hands on experience working with MS security solutions, including Defender, Entra ID and Microsoft Purview
• BS in Cybersecurity or related field
• A strong understanding of the business impact of security tools, technologies, and policies
• Excellent customer service with an ability to 'translate' security and technical terminology so the customer can understand

Responsibilities

• Oversee cybersecurity operations, ensuring compliance with security policies, and managing a team of security personnel
• Collect and maintain data needed to meet system cybersecurity reporting
• Ensure daily report and any other cyber or system security reporting deadlines are met
• Escalate or oversee the escalation of cybersecurity issues in accordance with organizational policy
• Ensure cybersecurity procedures and best practices are properly documented, formatted, and disseminated using standard operating procedure templates
• Ensure cybersecurity requirements are integrated into the continuity planning for the system(s) and/or organization(s)
• Evaluate and execute security tool development efforts to ensure that baseline security safeguards are appropriately installed
• Manage the monitoring of information security data sources to maintain organizational situational awareness
• Ensure that plans of actions and milestones or remediation plans are in place for vulnerabilities identified during risk assessments, audits, inspections, etc
• Responsible for managing a team of security personnel, advising senior leadership of threats to security, and proposing changes to the company's policies to reduce the organization's risk
• Exhibit technical skill in configuring and maintaining cybersecurity tools
• Oversee ongoing operations of security assets to ensure that a defense in depth security model is in place
• Ability to review logs for unusual or suspicious activity, interpret and make recommendations for resolution