Infrastructure Security, Sr. Manager

Senior Manager, Infrastructure Security

The Senior Manager, Infrastructure Security (Networks, Systems, Storage, Endpoint, DLP, and Cloud Security) is responsible for developing and leading a robust, global security program to protect infrastructure, data loss points, and cloud environments. This role oversees a team that designs, implements, and manages firm-wide controls for infrastructure security, data loss prevention, and cloud security. The person in this role will partner with IT teams and Business stakeholders to lead modernization efforts and ensure secure and compliant security practices across the Firm.

The ideal candidate is a highly skilled, hands-on technical leader with strong people skills and a proven track record of delivering enterprise security initiatives. They must be intimately familiar with technical aspects of all security domains and be able to drive consensus and collaboration among diverse teams, individuals, and business stakeholders to achieve desired results. The candidate must be detail-oriented with the ability to adapt rapidly to new challenges, think creatively and holistically, and quickly resolve unforeseen issues.

ESSENTIAL JOB DUTIES & RESPONSIBILITIES

• Develop and maintain an enterprise security strategy and roadmap aligned with business objectives and risk management priorities in the areas of:
  • Infrastructure Security: Network security, OS security, storage security, endpoint security, firewalls, IDS/IPS, NAC & WiFi security, email security, content filtering, domain & DNS security, secure configuration management, and IoT security.
  • Data Loss Prevention (DLP): DLP systems and agents, content filtering, file/disk/DMS monitoring, mobile and BYOD device protection.
  • Cloud Security: Cloud security posture management, cloud data and storage security, Kubernetes and container security, and secure deployment with Infrastructure as Code (IaC).
• Lead the implementation and operation of solutions supporting monitoring, prevention, and mitigation across infrastructure, DLP, and cloud environments.
• Oversee the design and enforcement of security controls including zero trust architecture, least privilege principles, segmentation, and secure configuration management.
• Lead selection, deployment, and management of relevant security tools and technologies.
• Ensure integration of security controls into public, private, and hybrid cloud platforms.
• Partner with IT teams to ensure secure architecture, deployment, and ongoing operations for infrastructure and cloud environments.
• Ensure timely detection, investigation, and remediation of threats and vulnerabilities across all focus areas.
• Develop and maintain policies, standards, and procedures related to infrastructure, DLP, and cloud security.
• Monitor systems for anomalies, unauthorized access, and policy violations; take corrective action, as necessary.
• Partner with SOC, IR, and VM teams to respond and resolve security incidents and vulnerabilities.
• Provide leadership, direction, and mentorship to the security operations team.
• Stay informed of industry best practices, threat landscapes, and emerging technologies to continuously improve the Firm's security posture and operational maturity.
• Maintain compliance with regulatory, privacy, and audit requirements, including ISO 27001, NIST, GDPR, and client-imposed security obligations.
• Deliver reporting and dashboards to provide visibility into risk patterns, policy compliance, and remediation effectiveness to both technical and non-technical stakeholders.
• Implement technical controls and solutions as needed to remediate cyber risks identified in assessments, audits, and testing.
• Collaborate with and influence cross-functional IT stakeholders to adopt a security-first mindset, adhere to security policies, and close identified gaps.
• Report on key security KRI/KPI metrics and performance indicators.
• Analyze data to proactively identify risks, trends, and opportunities for process improvement.
• Promote a secure-by-design framework across development and operational lifecycles.
• Make decisions and recommendations based on risk assessments and industry best practices; communicate context appropriately to stakeholders.

REQUIRED

• Bachelor's degree in information security, IT, risk management, related discipline, or equivalent experience.

PREFERRED

• Professional certifications such as CISSP, CISM, or similar.

SKILLS AND EXPERIENCE

• 10-15 years of experience in IT or Information Security, with at least 5 years in a leadership role focused on infrastructure, DLP, or cloud security.
• Proven ability to build and lead enterprise security programs at scale, ideally in a hybrid or cloud environment.
• Deep understanding of technical security domains: infrastructure protection, endpoint management, cloud security, and data loss prevention.
• Experience implementing and managing security tools (e.g., firewalls, DLP platforms, CSPM tools, container security platforms, endpoint protection, etc.).
• Familiarity with cloud platforms (AWS, Azure, GCP) and their native security controls.
• Strong understanding of NIST, ISO 27001, Cloud Controls Matrix, and regulatory standards related to security operations.
• Experience conducting risk assessments, policy development, incident response, and vulnerability remediation.
• Passion for innovation, automation, and continuous improvement.
• Excellent interpersonal, leadership, and communication skills.
• Ability to manage multiple priorities, make sound decisions under pressure, and communicate effectively with both technical and business audiences.
• Strong analytical mindset and continuous learning orientation.

Salary Information

NY Only: The estimated base salary range for this position is $190,000 to $220,000 at the time of posting.

The actual salary offered will depend on a variety of factors, including without limitation, the qualifications of the individual applicant for the position, years of relevant experience, level of education attained, certifications or other professional licenses held, and if applicable, the location in which the applicant lives and/or from which they will be performing the job. This role is exempt meaning it is not overtime pay eligible.

Privacy Notice

For information about how Simpson Thacher & Bartlett LLP collects and processes your personal information, please refer to our Privacy Notice available at https://www.stblaw.com/other/privacy-notice.

Simpson Thacher & Bartlett is committed to a collegial work environment in which all individuals are treated with respect and dignity. The Firm prohibits discrimination or harassment based upon race, color, religion, gender, gender identity or expression, age, national origin, citizenship status, disability, marital or partnership status, sexual orientation, veteran’s status or any other legally protected status. This Policy pertains to every aspect of an individual’s relationship with the Firm, including but not limited to recruitment, hiring, compensation, benefits, training and development, promotion, transfer, discipline, termination, and all other privileges, terms and conditions of employment.