IT Security Manager

Summary

Join Sterlington, an international law firm, as their IT Security Manager. This interim/contractor role reports to the Head of Technology and involves overseeing cybersecurity operations, ensuring compliance, and managing a security team. Responsibilities include collecting security data, meeting reporting deadlines, escalating cybersecurity issues, documenting procedures, integrating security into continuity planning, and evaluating security tools. The role also requires managing security personnel, advising leadership on threats, and proposing policy changes. Technical skills in configuring and maintaining cybersecurity tools are essential.

Requirements

• Minimum of 10 years IT experience, with at least 5 years in an information security role and at least 3 years of management/supervisory experience
• Proficiency in security frameworks including ISO27001, Cyber Essentials, SOC2, NIST CSF ad CIS
• Active CISSP/CISM certification
• Proven experience managing or working closely with Security Operations Centres (SOC) including incident response and threat detection
• Strong technical hands on experience working with MS security solutions, including Defender, Entra ID and Microsoft Purview
• BS in Cybersecurity or related field
• A strong understanding of the business impact of security tools, technologies, and policies
• Excellent customer service with an ability to 'translate' security and technical terminology so the customer can understand

Responsibilities

• Oversee cybersecurity operations, ensuring compliance with security policies, and managing a team of security personnel
• Collect and maintain data needed to meet system cybersecurity reporting
• Ensure daily report and any other cyber or system security reporting deadlines are met
• Escalate or oversee the escalation of cybersecurity issues in accordance with organizational policy
• Ensure cybersecurity procedures and best practices are properly documented, formatted, and disseminated using standard operating procedure templates
• Ensure cybersecurity requirements are integrated into the continuity planning for the system(s) and/or organization(s)
• Evaluate and execute security tool development efforts to ensure that baseline security safeguards are appropriately installed
• Manage the monitoring of information security data sources to maintain organizational situational awareness
• Ensure that plans of actions and milestones or remediation plans are in place for vulnerabilities identified during risk assessments, audits, inspections, etc
• Responsible for managing a team of security personnel, advising senior leadership of threats to security, and proposing changes to the company's policies to reduce the organization's risk
• Exhibit technical skill in configuring and maintaining cybersecurity tools
• Oversee ongoing operations of security assets to ensure that a defense in depth security model is in place
• Ability to review logs for unusual or suspicious activity, interpret and make recommendations for resolution