Information Security Lead

Posted Monday, November 17, 2025 at 5:00 AM

Join us for a bright future…Discover where your talent fits best at ALM!

Our network of more than 450+ employees globally is united by a shared understanding that the work we do makes a direct impact on the success of our customers and audiences. Our collaborative environment provides a vast amount of opportunities for career development. Our goal is to hire industry’s top talent, offer growth opportunities and provide a fulfilling working environment.

Here at ALM, we are a customer-focused and market-driven company dedicated to the success of the customers we serve with our information products and marketing services and events. Across ALM, our teams deliver premium content to professionals in the legal, finance, real estate and insurance industries.

We promote and value innovation and an entrepreneurial spirit. We believe that integrity must be at the heart of everything we do. We foster an environment of trust and teamwork and believe that employee empowerment drives our progress and success as a business. We insist on quality and continuous improvement in all that we do. We have a winning attitude and seek to celebrate all of our successes … big and small.

Salary Range: 100,000 – 107,000 USD Annually

The referenced salary range is based on the Company's good faith belief at the time of posting. Total compensation may vary based on factors such as geographic location, work experience, market conditions, education/training and skill level.

The Information Security Lead is responsible for safeguarding the global Law Business Research and ALM organization’s information assets across cloud, on‑prem, and managed service environments. The role focuses on strengthening security controls, operating SOC processes, enhancing monitoring and detection capabilities, leading incident response, managing vulnerabilities, supporting compliance frameworks, and engineering security improvements across the UK and US.

• Maintain and enhance the security posture across Microsoft 365, Azure, Intune, Defender, Sentinel SIEM, Cloudflare, and on‑prem environments.
• Monitor and triage security alerts, anomalous activity, and threat indicators.
• Develop and tune SIEM dashboards, alerts, correlation rules, and automation playbooks.
• Manage SIEM log ingestion and integrations.
• Operate and optimise EDR, identity protection tools, DLP, conditional access, MFA, email security, and NGINX App Protect.
• Oversee DNS and email authentication security (SPF, DKIM, DMARC).

• Lead technical response for global security incidents.
• Perform forensic investigation, log correlation, and root‑cause analysis.
• Maintain, test, and enhance IR playbooks (e.g., ransomware, credential compromise, cloud intrusion, DDoS).
• Coordinate incident communication with IT, leadership, vendors, and third‑party responders.

• Lead the vulnerability lifecycle: scanning, prioritisation, reporting, and verification of remediation.
• Maintain vulnerability dashboards and reporting.
• Manage internal and external penetration testing programmes and track remediation.
• Ensure CIS, NIST, and Microsoft Secure Score baselines are enforced.
• Conduct regular privileged access, conditional access, and role‑based access reviews.
• Manage Cloudflare security controls (WAF, bot mitigation, DNS security, Zero Trust, SSL/TLS enforcement).
• Analyse web traffic patterns for anomalies and potential threat activity.
• Ensure Cloudflare and NGINX security controls align with enterprise standards.

• Support compliance with ISO 27001/27002, NIST CSF, CIS Controls, GDPR, SOC 2, Cyber Essentials, DORA, and US regulatory requirements.
• Maintain security policies, procedures, risk registers, and documentation.
• Perform vendor and project risk assessments.
• Support internal/external audits and evidence collection.
• Assist with contractual, regulatory, and assurance requirements across both regions.
• Maintain CE and CE+ compliance, evidence gathering, configuration validation, and annual certification.
• Ensure…