Sterlington, PLLC
IT Security Manager - remote
Job Summary
The IT Security Manager role involves overseeing cybersecurity operations, managing a security team, and ensuring compliance with security policies and frameworks such as ISO27001 and NIST. The position requires strong technical expertise with security tools, incident response, and threat detection, along with significant management experience. Responsibilities include reporting, vulnerability remediation, and integrating security measures into organizational continuity planning. The role emphasizes collaboration with senior leadership and maintaining a defense-in-depth security posture.
Job Description
Position Title: IT Security Manager
Contract: Interim / Contractor
Reports to: Head of Technology
Our Firm:
Sterlington is an international law firm that combines legal and commercial excellence with modern ways of practicing. Our high-caliber partners work on complex business matters with a tailored approach to client service and a focus on financial flexibility and innovation. Learn more at: www.sterlingtonlaw.com.
Responsibilities:
- The role involves overseeing cybersecurity operations, ensuring compliance with security policies, and managing a team of security personnel
- Collect and maintain data needed to meet system cybersecurity reporting
- Ensure daily report and any other cyber or system security reporting deadlines are met
- Escalate or oversee the escalation of cybersecurity issues in accordance with organizational policy
- Ensure cybersecurity procedures and best practices are properly documented, formatted, and disseminated using standard operating procedure templates
- Ensure cybersecurity requirements are integrated into the continuity planning for the system(s) and/or organization(s)
- Evaluate and execute security tool development efforts to ensure that baseline security safeguards are appropriately installed
- Manage the monitoring of information security data sources to maintain organizational situational awareness
- Ensure that plans of actions and milestones or remediation plans are in place for vulnerabilities identified during risk assessments, audits, inspections, etc.
- Responsible for managing a team of security personnel, advising senior leadership of threats to security, and proposing changes to the company's policies to reduce the organization's risk
- Exhibit technical skill in configuring and maintaining cybersecurity tools
- Oversee ongoing operations of security assets to ensure that a defense-in-depth security model is in place
- Ability to review logs for unusual or suspicious activity, interpret and make recommendations for resolution
Required experience
- Minimum of 10 years IT experience, with at least 5 years in an information security role and at least 3 years of management/supervisory experience
- Proficiency in security frameworks including ISO27001, Cyber Essentials, SOC2, NIST CSF and CIS
- Active CISSP/CISM certification
- Proven experience managing or working closely with Security Operations Centres (SOC) including incident response and threat detection.
- Strong technical hands-on experience working with MS security solutions, including Defender, Entra ID and Microsoft Purview.
- BS in Cybersecurity or related field
- A strong understanding of the business impact of security tools, technologies, and policies
- Excellent customer service with an ability to 'translate' security and technical terminology so the customer can understand
Sterlington, PLLC
Sterlington is an international law firm with leading capabilities in sophisticated transactional and litigation work.