Job Specifications
JOIN AN INDUSTRY LEADER! Quality First & Green Always
Sloan is the world's leading manufacturer of commercial plumbing systems and has been in operation since 1906. We are at the forefront of the green building movement and provide sustainable restroom solutions. We manufacture water-efficient products including flush valves, electronic faucets, soap dispensing and sink systems along with vitreous china fixtures for commercial, industrial and institutional markets worldwide.
About this role:
We are seeking an Enterprise Cybersecurity Manager who will be based out of Sloan's Franklin Park, IL headquarters and will report to our Vice President of Global IT Infrastructure and Operations. The Enterprise Cybersecurity Manager will be responsible for developing, implementing, and managing the organization's cybersecurity strategy. This role involves protecting the company's information assets, managing security risks, and ensuring compliance with industry standards and regulations. This role is a leader within the larger IT organization, combining project oversight, team management, and hands-on work. The ideal candidate will have a strong background in cybersecurity, excellent leadership skills, and the ability to work collaboratively across departments.
What you'll do:
Develops and maintains a security process that enables the enterprise to develop and implement a secure environment that is aligned with business, technology and threat drivers.
Manages the staff and vendors to execute contracts and SLAs providing security services.
Validates IT infrastructure and other reference architectures for security best practices, and recommends changes to enhance security and reduce risk. Provides guidance on security configurations for security infrastructure tools, including firewalls, intrusion prevention systems (IPSs), web application firewalls (WAFs), and anti-malware/endpoint protection systems.
Determines baseline security configuration standards for operating systems (e.g., operating system hardening), network segmentation, and identity and access management (IAM). Drives the process for keeping the environment current, including patching, firmware and operating systems.
Liaises with vendors to conduct security assessments of existing and prospective vendors, especially those with which the organization shares intellectual property, PII, ePHI, regulated or other protected data, including SaaS providers, cloud/infrastructure as a service (IaaS) providers, and managed service providers. Evaluates the statements of work from these providers to ensure that adequate security protections are in place. Assesses the providers' SSAE 16 SOC 1 and SOC 2 audit reports (or alternative sources) for security-related deficiencies and required "user controls," and reports any findings to the executive management team.
Define and document security strategy plans, roadmaps, procedures and standards based on sound enterprise architecture practices.
Governs, reviews and assesses security and infrastructure logs for indicators of compromise or other anomalous behavior within networks, applications or user profiles. Conducts security assessments of internal systems, applications and IT infrastructure as part of the overall risk management practice of the organization.
Conducts reviews of and oversees the change management function for security rulesets for the organization's firewalls, vulnerability assessments and other security reviews of systems, and prioritizes remediation based on the risk profile of the asset and guidance from executive management.
Operational Management: facilitate incident response strategies and procedures; lead and coordinate response efforts during cyber incidents; perform root cause analysis to identify vulnerabilities and threats; ensure timely and effective communication with stakeholders during incidents; maintain and update incident response plans and documentation; facilitate the vulnerability management process; collaborate with IT teams to implement security patches and updates.
Other duties and responsibilities as required.
What we are looking for:
Associate Degree
6+ years of experience in a cybersecurity-focused role.
Experience with technical project management skills, ITIL processes, strong analytical and organizational skills, and effective written and verbal communication skills
The ideal candidate will have experience managing core security technologies including SIEM or other log management tools, policy development, control frameworks (e.g., CIS, NIST CSF), and regulatory frameworks (e.g., PCI-DSS).
Understanding of cybersecurity concepts, standards and processes (Required)
Not required, but a plus:
Bachelor's Degree
2+ Years Management position overseeing other resources.
6+ Years Operating within a cybersecurity organization
Certified Information Systems Security Professional (CISSP)
Documented experience with Regulations, Standards, and Frameworks. National Institute of Standards and Technology (NIST), C
About the Company
Sloan is the world's leading manufacturer of commercial plumbing systems and has been in operation since 1906. Headquartered in Franklin Park, Illinois, the company is at the forefront of the green building movement and provides sustainable restroom solutions by manufacturing water and energy-efficient products such as flushometers, electronic faucets, sink systems, soap dispensing systems and vitreous china fixtures for commercial, industrial and institutional markets worldwide. Water Connects Us® is more than just Sloan'...