Intake Talent
Location: Erlanger, KY (Hybrid - 3 days in office / 2 days remote)
Salary: $105,000 - $110,000 USD per year
About the Role: Our client, a global provider of legal intelligence with operations across the UK and US, is seeking an experienced Information Security Lead to safeguard its information assets across cloud, on-premises, and managed service environments. This is a hands-on, technical leadership role responsible for security operations, incident response, vulnerability management, and compliance. The successful candidate will play a key role in strengthening security controls, improving monitoring and detection capabilities, and driving continuous improvement in the organisation's security posture across both regions.
Key Responsibilities:
Security Operations & Monitoring (SOC):
- Maintain and enhance security controls across Microsoft 365, Azure, Intune, Defender, Sentinel SIEM, Cloudflare, and on-prem environments
- Monitor, investigate, and triage security alerts and anomalous activity
- Develop and tune SIEM dashboards, alerts, correlation rules, and automation playbooks
- Manage SIEM log ingestion and integrations
- Operate and optimise EDR, identity protection, DLP, MFA, email security, and application protection controls
- Oversee DNS and email authentication security (SPF, DKIM, DMARC)

Incident Response & Threat Handling:
- Lead technical response to global security incidents
- Conduct forensic investigations, log analysis, and root-cause analysis
- Maintain, test, and improve incident response playbooks (e.g. ransomware, credential compromise, cloud intrusion, DDoS)
- Coordinate incident communications with internal teams, leadership, and external vendors

Vulnerability Management & Testing:
- Own the vulnerability lifecycle: scanning, prioritisation, remediation tracking, and verification
- Manage internal and external penetration testing programmes
- Maintain vulnerability dashboards and reporting
- Ensure CIS, NIST, and Microsoft Secure Score baselines are enforced
- Perform regular access and privilege reviews

Cloudflare, DNS & Network Security:
- Manage Cloudflare security controls including WAF, bot mitigation, DNS security, Zero Trust, and SSL/TLS enforcement
- Analyse web traffic and security events for anomalies and threats
- Ensure Cloudflare and NGINX security controls align with enterprise standards

Governance, Risk & Compliance (GRC):
- Support compliance with ISO 27001/27002, NIST CSF, CIS Controls, GDPR, SOC 2, Cyber Essentials, DORA, and US regulatory requirements
- Maintain security policies, procedures, risk registers, and documentation
- Perform vendor and project risk assessments
- Support internal and external audits and assurance activities

Security Architecture & Improvement:
- Conduct security reviews of new technologies, SaaS applications, and infrastructure
- Partner with development and engineering teams on secure design and remediation
- Deliver security awareness initiatives and promote a strong security-first culture
- Track emerging threats and contribute to long-term security roadmap planning

Required Experience & Skills:
- 5+ years' experience in information security, SOC operations, or cybersecurity
- Strong hands-on experience with Microsoft 365, Azure, Sentinel SIEM, Defender suite, EDR, Cloudflare, DNS security, and NGINX App Protect
- Proven experience in incident response, threat detection, SIEM engineering, vulnerability management, and penetration testing coordination
- Solid understanding of network security, IAM, endpoint security, email security, and SaaS environments
- Experience working closely with infrastructure, cloud, and application teams
- Excellent communication skills, with the ability to engage both technical and non-technical stakeholders
- Calm, structured approach during high-pressure security incidents

Frameworks & Standards:
- Working knowledge of ISO 27001/27002, NIST, CIS Controls, SOC 2, GDPR, DORA, and US security regulations
- Experience supporting audits, risk assessments, and compliance initiatives

Preferred Certifications:
- Security+
- AZ-500 (Azure Security Engineer)
- SC-200, SC-300, SC-400
- GIAC, CEH, CySA+, or similar
- Microsoft Sentinel 400

Why Apply?
- Competitive salary
- Hybrid working model (3 days in office, 2 remote)
- Opportunity to lead and shape security practices for a respected global legal intelligence provider
- Exposure to modern cloud, SaaS, and security technologies
- Collaborative, professional environment with strong executive support