Information Security Lead

DO NOT POST.

Job Title: Information Security Lead

Our client alaw firm is seeking an Information Security Lead responsible for the security, integrity, and availability of information assets. This role drives the design, implementation, and continuous improvement of security controls across people, processes, and technology.

• Lead security architecture across on-premises and cloud environments.
• Design and implement secure solutions for infrastructure, cloud platforms, identity, and networks.
• Advise technical teams to embed security into systems and operations.
• Support secure adoption of Microsoft Azure and its security capabilities.
• Develop cloud security guardrails, policies, and monitoring.
• Monitor emerging threats and improve overall security posture.
• Mentor security team members.

• Oversee daily security operations, monitoring, and threat detection.
• Act as escalation point for incidents and vulnerabilities.
• Lead incident response, remediation, and recovery efforts.
• Improve response playbooks and conduct simulations.
• Manage vulnerability assessments, penetration testing, and remediation.
• Optimize security tools (SIEM, endpoint, network security).

• Support data protection programs including classification and DLP.
• Implement controls to protect sensitive data across systems.
• Configure and manage DLP policies.
• Collaborate with legal and compliance teams.
• Respond to data protection incidents and alerts.

• Develop and maintain security policies and standards.
• Support audits, assessments, and compliance initiatives.
• Report on security risks, metrics, and program maturity.

• Strong expertise in security architecture and cloud security (Azure).
• Knowledge of Zero Trust and identity-based security models.
• Experience with SIEM, endpoint, network, and CASB/SSE platforms.
• Solid understanding of data protection and DLP.
• Strong analytical, problem-solving, and communication skills.
• Ability to lead, mentor, and collaborate across teams.
• Capable of handling high-pressure security incidents.

• Degree in IT, Computer Science, Cybersecurity, or equivalent experience.
• 8+ years in IT, with strong cybersecurity focus.
• 6+ years in security roles, including 3+ years in leadership.
• Extensive experience with Microsoft Azure security.
• Hands-on experience with security tools (e.g., Defender, Sentinel).
• Experience with vulnerability management and cloud security integration.
• Familiarity with frameworks (NIST, ISO 27001, MITRE ATT&CK).
• Relevant certifications (CISSP, CISM, GIAC, ISACA, Microsoft) preferred.