Senior Cybersecurity Engineer

Spotless Brands LLC
Oakbrook Terrace, United States of America
7 days ago

Role details

Contract type
Permanent contract
Employment type
Full-time (> 32 hours)
Working hours
Regular working hours
Languages
English
Experience level
Senior

Job location

Oakbrook Terrace, United States of America

Tech stack

Computer Security
Data Infrastructure
Information Leak Prevention
Intrusion Detection and Prevention
Microsoft Security Essentials
Microsoft Office
PCI Data Security Standards
Phishing
Software Vulnerability Management
Information Technology
3-tier Architectures

Job description

The Senior Cybersecurity Engineer leads enterprise security operations, incident response, and technical security engineering across all Spotless Brands (Cobblestone, Flagship, Okie Auto Wash, Ultimate Shine). This role owns the organization's security architecture, tooling, and roadmap, driving advancement of the company's cybersecurity maturity aligned to the NIST Cybersecurity Framework (CSF) toward Tier 3.

This position partners closely with Infrastructure and IT teams to ensure security is embedded across all systems and initiatives, while mentoring junior cybersecurity resources and strengthening overall program effectiveness

Essential Functions (Other Duties as Assigned)

  • Lead enterprise security operations, including threat detection, incident response, and forensic investigations; act as primary owner for all security incidents and coordinate response across IT and business stakeholders
  • Own the cybersecurity roadmap, remediation plan, and risk register; drive continuous improvement aligned to the NIST Cybersecurity Framework (CSF) and report regularly on security posture and risk to leadership
  • Own and execute the vulnerability management program end-to-end, prioritizing remediation based on risk and partnering with infrastructure teams to ensure timely closure
  • Design, implement, and maintain security controls across identity, endpoint, network, and data environments; ensure security requirements are integrated into all infrastructure and application changes
  • Own security architecture decisions and ensure alignment with business strategy and evolving threat landscape
  • Own and manage security platforms, including Microsoft Defender, Purview, DLP, EDR, and identity protection; continuously evaluate and implement tools to improve visibility, detection, and response
  • Lead the selection, implementation, and ongoing ownership of centralized monitoring and alert correlation capabilities
  • Support and drive compliance initiatives (SOC 2, PCI-DSS, cyber insurance) by ensuring security controls meet regulatory and audit requirements
  • Own the enterprise security awareness program, including training strategy, phishing simulations, and ongoing performance improvement based on user risk trends
  • Report security awareness metrics, phishing results, and overall organizational risk posture to leadership on a regular basis
  • Plan and conduct incident response tabletop exercises; document findings and ensure remediation of identified gaps
  • Mentor and develop junior cybersecurity resources while building documentation, processes, and operational playbooks to scale the security function

Requirements

  • Bachelor's degree in Cybersecurity, Computer Science, Information Technology, or related field; equivalent professional experience considered in lieu of degree
  • 5+ years of progressive cybersecurity experience, including hands-on security engineering, incident response, and vulnerability management
  • Demonstrated experience leading a security program or maturity initiative aligned to a recognized framework (NIST CSF, ISO 27001, or similar)
  • Relevant certifications preferred: CISSP, CISM, GSEC, GCIH, or equivalent
  • Experience with Microsoft security stack (Defender for Office 365, Purview, Entra ID/Conditional Access, EDR, DLP) and multi-site/multi-brand environments preferred

Knowledge, Skills, and Abilities

  • Strong knowledge of the NIST Cybersecurity Framework (CSF) and ability to translate a maturity gap assessment into an executable, prioritized roadmap
  • Hands-on technical proficiency in identity protection, endpoint detection and response (EDR), data loss prevention (DLP), and email security platforms
  • Ability to design and implement technical security controls and integrate security requirements into infrastructure and application changes
  • Experience leading incident response and forensic investigations, including planning and facilitating tabletop exercises
  • Working knowledge of compliance and audit frameworks (SOC 2, PCI-DSS) and cyber insurance requirements
  • Strong written and verbal communication skills; able to translate technical risk into business terms for non-technical stakeholders and leadership
  • Ability to mentor junior staff while independently owning a technical program with minimal day-to-day oversight

Physical Requirements:

  • Approximately 10% travel to brand/site locations for security assessments, incident response, or tabletop exercises
  • Ability to respond to critical (P1) security incidents outside standard business hours as needed

This job description in no way states or implies that these are the only duties to be performed by the employee(s) in this position. Employee(s) will be required to follow any other job-related instructions and to perform any other job-related duties requested by any person authorized to give instructions or assignments.

All duties and responsibilities are essential job functions and requirements and are subject to possible modification to reasonably accommodate individuals with disabilities. To perform this job successfully, the incumbent(s) will possess the skills, aptitudes, and abilities to perform each duty proficiently. The requirements listed in this document are the minimum levels of knowledge, skills, and abilities.

Apply for this position