Cybersecurity Manager

JOIN AN INDUSTRY LEADER Quality First & Green Always

Sloan is the world's leading manufacturer of commercial plumbing systems and has been in operation since 1906. We are at the forefront of the green building movement and provide sustainable restroom solutions. We manufacture water- efficient products including flush valves, electronic faucets, soap dispensing and sink systems along with vitreous china fixtures for commercial, industrial and institutional markets worldwide.

About this role: 

We are seeking an Cybersecurity Manager that will be based out of Sloan's Franklin Park, IL headquarters and will report to our Vice President of Global IT Infastructure and Operations. The Enterprise Cybersecurity Manager will be responsible for developing, implementing, and managing the organization's cybersecurity strategy. This role involves protecting the company's information assets, managing security risks, and ensuring compliance with industry standards and regulations. This role is a leader within the larger IT organization combining project oversight, team management, and hands on work. The ideal candidate will have a strong background in cybersecurity, excellent leadership skills, and the ability to work collaboratively across departments. 

What you'll do: 

• Develops and maintains a security process that enables the enterprise to develop and implement a secure environment that is aligned with business, technology and threat drivers.
• Manages the staff and vendors to execute contracts and SLA's providing security services.
• Validates IT infrastructure and other reference architectures for security best practices, and recommend changes to enhance security and reduce risk. Guidance on Security configurations for security infrastructure tools, including firewalls, intrusion prevention systems (IPSs), web application firewalls (WAFs), anti-malware/endpoint protection systems.
• Determines baseline security configuration standards for operating systems (e.g., operating system hardening), network segmentation, and identity and access management (IAM). Driving the process around the currency of the environment inclusive of patching, firmware and operating systems.
• Liaison with vendors to conduct security assessments of existing and prospective vendors, especially those with which the organization shares intellectual property, PII, ePHI, regulated or other protected data, including: SaaS providers, Cloud/infrastructure as a service (IaaS) providers, Managed service providers, Evaluate the statements of work from these providers to ensure that adequate security protections are in place. Assess the providers' SSAE 16 SOC 1 and SOC 2 audit reports (or alternative sources) for security-related deficiencies and required "user controls," and report any findings to the executive management team.
• Define and document security strategy plans, roadmaps, procedures and standards based on sound enterprise architecture practices.
• Govern, review and assess security, infrastructure logs for indicators of compromise or other anomalous behavior within networks, applications or user profiles. Conducts security assessments of internal systems, applications and IT infrastructure as part of the overall risk management practice of the organization.
• Conducts reviews of and oversees the change management function for security rulesets for the organization's firewalls, vulnerability assessments and other security reviews of systems, and prioritizes remediation based on the risk profile of the asset and guidance from executive management.
• Operational Management: Facilitate incident response strategies and procedures, Lead and coordinate response efforts during cyber incidents, Perform root cause analysis to identify vulnerabilities and threats, Ensure timely and effective communication with stakeholders during incidents, Maintain and update incident response plans and documentation, Facilitate the vulnerability management process, Collaborate with IT teams to implement security patches and updates
• Other duties and responsibilities as required.

What we are looking for: 

• Associate Degree
• 6+ Years Experience with cybersecurity in a role focused on it.
• Experience with technical project management skills, ITIL processes, strong analytical and organizational skills, and effective written and verbal communication skills
• The ideal candidate will have experience managing core security technologies including SEIM or other log management tools, policy development, control frameworks (eg. CIS, NIST CSF), and regulatory frameworks (eg. PCI-DSS).
• Understanding of cybersecurity concepts, standards and processes (Required)

Not required, but a plus: 

• Bachelor's Degree
• 2+ Years Management position overseeing other resources.
• 6+ Years Operating within a cybersecurity organization  
• Information Systems Security Professional (CISSP)
• Documented experience with Regulations, Standards, and Frameworks. National Institute of Standards and Technology (NIST), Cybersecurity Framework (CSF), PCIDSS.
• SIEM and log management technology

#LI-AD1

Why you'll love working here:

Inclusive Culture: YOU Belong at Sloan. 

At Sloan, we are committed to fostering an inclusive and diverse workplace where diverse backgrounds and perspectives are embraced and celebrated. We proudly offer equal employment opportunities regardless of race, color, religion, sex, sexual orientation, gender identity and expression, national origin, disability, age, genetic information, marital status, political affiliation, veteran status, or any other characteristic protected by law.

Growth Opportunities: We invest in our employees' professional development with ongoing training and career advancement opportunities.

Innovative Projects: Be part of exciting projects that push the boundaries of technology and have make a real difference in the world.

Compensation: The compensation range for this U.S.-based position is $130,500-$145,000 annually.

This position is eligible to participate in the company incentive plan. The terms and conditions of the company incentive  plan will be provided to plan participants on an annual basis.

Our compensation range reflects our good faith estimate of what an ideal candidate can expect, but final agreed upon compensation will always be based on the individual candidate's experience, skills, qualifications, and other job-related or market factors that may prove relevant during the hiring process.

Benefits:

• Comprehensive Health Coverage: Medical (including prescription coverage), Dental, and Vision Insurance, effective the first of the month following your hire date.
• Health Savings