
Information Security Lead

Job in Erlanger, Kenton County, Kentucky, 41018, USA
Listing for: Intake Talent
Full Time position
Listed on 2025-12-22
Job specializations:
  • IT/Tech
    Cybersecurity, Security Manager, Information Security, Network Security
Salary/Wage Range or Industry Benchmark: 105000 - 110000 USD Yearly
Job Description & How to Apply Below

Location: Erlanger, KY (Hybrid - 3 days in office / 2 days remote)

Salary: $105,000 - $110,000 USD per year

About the Role

Our client, a global provider of legal intelligence with operations across the UK and US, is seeking an experienced Information Security Lead to safeguard its information assets across cloud, on‑premise, and managed service environments.

This is a hands‑on, technical leadership role responsible for security operations, incident response, vulnerability management, and compliance. The successful candidate will play a key role in strengthening security controls, improving monitoring and detection capabilities, and driving continuous improvement in the organization’s security posture across both regions.

Key Responsibilities

Security Operations & Monitoring (SOC)
  • Maintain and enhance security controls across Microsoft 365, Azure, Intune, Defender, Sentinel SIEM, Cloudflare, and on‑prem environments
  • Monitor, investigate, and triage security alerts and anomalous activity
  • Develop and tune SIEM dashboards, alerts, correlation rules, and automation playbooks
  • Manage SIEM log ingestion and integrations
  • Operate and optimise EDR, identity protection, DLP, MFA, email security, and application protection controls
  • Oversee DNS and email authentication security (SPF, DKIM, DMARC)
Incident Response & Threat Handling
  • Lead technical response to global security incidents
  • Conduct forensic investigations, log analysis, and root‑cause analysis
  • Maintain, test, and improve incident response playbooks (e.g., ransomware, credential compromise, cloud intrusion, DDoS)
  • Coordinate incident communications with internal teams, leadership, and external vendors
Vulnerability Management & Testing
  • Own the vulnerability lifecycle: scanning, prioritisation, remediation tracking, and verification
  • Manage internal and external penetration testing programmes
  • Maintain vulnerability dashboards and reporting
  • Ensure CIS, NIST, and Microsoft Secure Score baselines are enforced
  • Perform regular access and privilege reviews
  • Manage Cloudflare security controls including WAF, bot mitigation, DNS security, Zero Trust, and SSL/TLS enforcement
  • Analyse web traffic and security events for anomalies and threats
  • Ensure Cloudflare and NGINX security controls align with enterprise standards
Governance, Risk & Compliance (GRC)
  • Support compliance with ISO 27001/27002, NIST CSF, CIS Controls, GDPR, SOC 2, Cyber Essentials, DORA, and US regulatory requirements
  • Maintain security policies, procedures, risk registers, and documentation
  • Perform vendor and project risk assessments
  • Support internal and external audits and assurance activities
Security Architecture & Improvement
  • Conduct security reviews of new technologies, SaaS applications, and infrastructure
  • Partner with development and engineering teams on secure design and remediation
  • Deliver security awareness initiatives and promote a strong security‑first culture
  • Track emerging threats and contribute to long‑term security roadmap planning
Required Experience & Skills
  • 5+ years’ experience in information security, SOC operations, or cybersecurity
  • Strong hands‑on experience with Microsoft 365, Azure, Sentinel SIEM, Defender suite, EDR, Cloudflare, DNS security, and NGINX App Protect
  • Proven experience in incident response, threat detection, SIEM engineering, vulnerability management, and penetration testing coordination
  • Solid understanding of network security, IAM, endpoint security, email security, and SaaS environments
  • Experience working closely with infrastructure, cloud, and application teams
  • Excellent communication skills, with the ability to engage both technical and non‑technical stakeholders
  • Calm, structured approach during high‑pressure security incidents
Frameworks & Standards
  • Working knowledge of ISO 27001/27002, NIST, CIS Controls, SOC 2, GDPR, DORA, and US security regulations
  • Experience supporting audits, risk assessments, and compliance initiatives
Preferred Certifications
  • Security+
  • AZ-500 (Azure Security Engineer)
  • SC-200, SC-300, SC-400
  • GIAC, CEH, CySA+, or similar
Why Apply?
  • Hybrid working model (3 days in office, 2 remote)
  • Opportunity to lead and shape security practices for a respected global legal intelligence provider
  • Exposure to modern cloud, SaaS, and security technologies
  • Collaborative, professional environment with strong executive support
Seniority level

Mid‑Senior level

Employment type

Full‑time

Job function

Information Technology

Industries

Staffing and Recruiting, IT Services and IT Consulting, and Computer and Network Security
