Lead, Cybersecurity Architecture & Operations

Culligan International Company
Rosemont, United States of America
7 days ago

Role details

Contract type
Permanent contract
Employment type
Full-time (> 32 hours)
Working hours
Regular working hours
Languages
English
Experience level
Senior
Compensation
$ 180K

Job location

Rosemont, United States of America

Tech stack

API
Amazon Web Services (AWS)
Azure
Software as a Service
Cloud Computing Security
Computer Security
Data Governance
Data Security
Identity and Access Management
Information Security Management
Intrusion Detection and Prevention
Information Systems Security Architecture Professional
Python
Parsing
PCI Data Security Standards
Performance Tuning
Powershell
Salesforce
Security Information and Event Management
Software Vulnerability Management
Scripting (Bash/Python/Go/Ruby)
IT General Controls (ITGC)
Office365
Mitre Att&ck
CIS Benchmarks
Workday

Job description

We are seeking a seasoned, self-motivated, hands-on cybersecurity leader to serve as the technical anchor of our global security program. Reporting directly to the Global CISO, you will own the architecture and day-to-day operation of our core security capabilities-SaaS and data security posture management, vulnerability management, SIEM, and SOC operations-across a complex, global environment.

This is a player-coach role for someone who wants both strategic influence and technical depth: you will design the architecture, then roll up your sleeves to build, tune, and run it. You will also play a key role in maturing our security controls, evidence, and audit readiness., * Security architecture: Define and maintain the enterprise security architecture and reference patterns across cloud, SaaS, network, endpoint, and identity domains.

  • SSPM: Deploy, operate, and continuously tune our SSPM platform; drive remediation of SaaS misconfigurations, risky integrations, and identity/permission sprawl across the global SaaS estate.
  • DSPM: Lead DSPM implementation and operations-discover, classify, and protect sensitive data across cloud and on-premises stores; partner with privacy and legal on data governance.
  • Vulnerability management: Own the end-to-end vulnerability management lifecycle: scanning coverage, risk-based prioritization, remediation SLAs, exception handling, and executive reporting across global infrastructure and applications.
  • SIEM: Administer and optimize the SIEM platform-log source onboarding, parsing, detection engineering, use-case development, and cost/ingestion management.
  • SOC operations: Run day-to-day SOC operations, including oversight of MSSP/MDR partners; mature triage, escalation, and incident response playbooks; lead and coordinate response to security incidents across time zones.
  • Audit and Compliance: Strengthen controls, documentation, and evidence to support SOX ITGC and internal/external audits; conduct application and technology security assessments to evaluate risk and ensure compliance with security standards.
  • Threat-informed defense: Track threat actor activity relevant to our industry and translate it into detections, hardening priorities, and leadership briefings.
  • Global collaboration & mentorship: Partner with IT, infrastructure, application, and business teams across regions; mentor analysts and engineers and raise the technical bar of the broader team.
  • Tooling & automation: Evaluate, select, and integrate security tooling; manage vendor relationships and drive consolidation and automation where it adds value., * SSPM and DSPM platforms are fully operational, with a measurable reduction in SaaS misconfigurations and unprotected sensitive data.
  • Vulnerability management SLAs are defined, reported, and trending in the right direction across all regions.
  • SIEM detection coverage mapped to MITRE ATT&CK with documented, tested response playbooks; SOC/MSSP performance metrics in place.
  • Security controls and evidence ready to withstand internal and external audit scrutiny.

Work Arrangements:

This is a hybrid position based at our Rosemont, IL office, with three days per week onsite. Occasional travel and flexibility for calls across global time zones is expected.

Requirements

  • 6+ years of progressive, hands-on experience in cybersecurity engineering, architecture, and/or security operations.
  • Deep, practitioner-level experience with SSPM and DSPM platforms (e.g., deploying, operating, and driving remediation at scale).
  • Proven ownership of an enterprise vulnerability management program, including risk-based prioritization and remediation governance.
  • Hands-on experience administering a SIEM (e.g., detection engineering, log onboarding, tuning) and managing or overseeing a SOC, including MSSP/MDR relationships.
  • Strong working knowledge of cloud security (AWS, Azure, and/or GCP), identity and access management, and SaaS ecosystems (e.g., M365, Salesforce, Workday).
  • Experience operating in a global, multi-region environment with distributed teams and follow-the-sun coordination.
  • Excellent communication skills-able to brief executives, write clear standards, and influence engineers without direct authority.
  • Self-starter who operates with minimal direction and drives initiatives from concept to steady-state operation.

Preferred Qualifications:

  • Experience supporting SOX ITGC controls or operating in a public company environment.
  • Familiarity with frameworks and regulations such as NIST CSF, ISO 27001, CIS Controls, GDPR, and PCI DSS.
  • Scripting/automation skills (Python, PowerShell, APIs) and experience with SOAR platforms.
  • Relevant certifications such as CISSP, CISM, GIAC (GCIA, GCIH, GDSA), or cloud security certifications (AWS/Azure security specialty, CCSP).
  • Experience in manufacturing, consumer products, or other distributed-operations industries.

Benefits & conditions

Target Salary Range: $140,000 - $180,000 year plus bonus. Exact pay will be based on factors including, but not limited to relevant education, qualifications, experience, level, geographic location, and business and organizational needs. Full-time positions are eligible for competitive benefits, including: paid time off, health, dental, vision, life, disability benefits and 401(k).

Apply for this position