IT Security Manager - remote

Position Title: IT Security Manager

Contract: Interim / Contractor

Reports to: Head of Technology

 

Our Firm:   

Sterlington is an international law firm that combines legal and commercial excellence with modern ways of practicing. Our high-caliber partners work on complex business matters with a tailored approach to client service and a focus on financial flexibility and innovation. Learn more at: www.sterlingtonlaw.com.  

 

 

Responsibilities:

• The role involves overseeing cybersecurity operations, ensuring compliance with security policies, and managing a team of security personnel 

• Collect and maintain data needed to meet system cybersecurity reporting 

• Ensure daily report and any other cyber or system security reporting deadlines are met 

• Escalate or oversee the escalation of cybersecurity issues in accordance with organizational policy 

• Ensure cybersecurity procedures and best practices are properly documented, formatted, and disseminated using standard operating procedure templates 

• Ensure cybersecurity requirements are integrated into the continuity planning for the system(s) and/or organization(s) 

• Evaluate and execute security tool development efforts to ensure that baseline security safeguards are appropriately installed 

• Manage the monitoring of information security data sources to maintain organizational situational awareness 

• Ensure that plans of actions and milestones or remediation plans are in place for vulnerabilities identified during risk assessments, audits, inspections, etc 

• Responsible for managing a team of security personnel, advising senior leadership of threats to security, and proposing changes to the company's policies to reduce the organization's risk 

• Exhibit technical skill in configuring and maintaining cybersecurity tools 

• Oversee ongoing operations of security assets to ensure that a defense in depth security model is in place 

• Ability to review logs for unusual or suspicious activity, interpret and make recommendations for resolution 

 

 

Required experience 

• Minimum of 10 years IT experience, with at least 5 years in an information security role and at least 3 years of management/supervisory experience 

• Proficiency in security frameworks including ISO27001, Cyber Essentials, SOC2, NIST CSF ad CIS 

• Active CISSP/CISM certification 

• Proven experience managing or working closely with Security Operations Centres (SOC) including incident response and threat detection. 

• Strong technical hands on experience working with MS security solutions, including Defender, Entra ID and Microsoft Purview. 

• BS in Cybersecurity or related field 

• A strong understanding of the business impact of security tools, technologies, and policies 

• Excellent customer service with an ability to 'translate' security and technical terminology so the customer can understand