Cybersecurity Program Lead

Follett Content Solutions LLC, McHenry, IL
Hybrid

About The Position

Follett Content Solutions is seeking a Cybersecurity Program Lead to join their team in McHenry, IL. This is a full-time exempt position that supports educators worldwide. The role is hybrid, requiring in-office presence on Mondays, Tuesdays, and Thursdays, with remote work on Wednesdays and Fridays. The Cybersecurity Lead is responsible for protecting the confidentiality, integrity, and availability of Follett’s systems, data, and cloud environments. This individual will act as the primary technical authority for cybersecurity, overseeing the design, implementation, and continuous improvement of security controls in a hybrid on-premise and cloud setting. The role involves close collaboration with Infrastructure, Networking, Application Development, and Legal/Governance teams to integrate security into daily operations, modernization efforts, and long-term architectural planning. Key duties include owning incident response and threat detection, leading cloud and application security initiatives, and providing technical support for governance and compliance programs. As the organization adopts AI tools and modern development workflows, the Lead will ensure secure integration, proper logging, responsible use, and adherence to security standards. The ideal candidate will have strong hands-on experience with Azure security, modern development practices, endpoint protection, and threat detection engineering.

Requirements

  • Bachelor’s degree in Computer Science, Cybersecurity, Engineering, or related discipline OR equivalent training/professional experience.
  • 5+ years of hands-on experience in cybersecurity engineering, cloud security, application security, or related technical security roles preferred; candidates with fewer years but exceptional aptitude, development experience, or demonstrated security capability will be considered.
  • Strong written and verbal communication skills with the ability to collaborate effectively across Infrastructure, Networking, Development, and Legal/Governance teams.
  • 3+ years of experience securing cloud environments, preferably Microsoft Azure (Entra ID, Defender, Purview, workload protection, identity governance).
  • Demonstrated experience with application security concepts, including secure coding practices, API security, threat modeling, and working directly with development teams.
  • Familiarity with AI/ML security considerations, including data protection, access controls, logging, and responsible use of AI tools in enterprise environments.
  • Experience with vulnerability management platforms (Rapid7 preferred), including scan tuning, prioritization, and remediation workflows.
  • Strong understanding of identity and access management, authentication technologies, role-based authorization, and zero-trust principles.
  • Working knowledge of risk assessment methodologies, threat modeling, and security control frameworks (NIST CSF, CIS Controls, SOC 2).
  • Ability to translate business requirements and risks into secure technical solutions and actionable remediation guidance.
  • Technical proficiency with endpoint protection, cloud security tools, scripting/automation, and hybrid infrastructure environments.
  • Experience collaborating with third-party providers, SOC partners, auditors, or managed service providers.
  • Self-driven, highly motivated, and able to manage multiple priorities in a fast-moving environment.
  • Strong analytical, troubleshooting, and problem-solving skills with a team-oriented mindset.
  • Demonstrated ability to operate as a Lead/IC, taking ownership of security engineering, incident response, and cross-functional coordination in a lean IT environment.
  • Experience supporting security considerations during business application modernization initiatives.

Nice To Haves

  • AZ-500, AZ-104, CCSK/CCSP, Security+, CySA+, CISSP, or equivalent cloud/security credentials highly preferred.

Responsibilities

  • Serve as the primary responder for security incidents across cloud, endpoint, and network environments.
  • Collaborate with the Rapid7 SOC to validate alerts, tune detections, and improve response workflows.
  • Conduct threat hunting and telemetry analysis within SentinelOne and other security platforms.
  • Lead containment and remediation efforts in partnership with Infrastructure, Networking, and Application teams.
  • Develop and refine detection logic, response playbooks, and escalation procedures.
  • Design and implement security controls for Azure workloads, identity, and cloud-native services.
  • Partner with Application Development to integrate secure coding practices, API security, and threat modeling into the SDLC.
  • Establish standards for secure use of AI tools, including logging, access controls, and data protection requirements.
  • Support security considerations for business application modernization initiatives.
  • Evaluate and recommend cloud and application security tools, patterns, and architectures.
  • Lead configuration, tuning, and continuous improvement of security technologies including SentinelOne, Microsoft Defender, Purview, Action1, and SIEM integrations.
  • Develop and maintain security baselines for servers, endpoints, and cloud resources.
  • Ensure endpoint coverage and agent health across the environment, partnering with the Service Desk for deployment and remediation.
  • Implement automation and scripting to improve security operations and reduce manual effort.
  • Own the vulnerability management lifecycle using Rapid7, including scan tuning, prioritization, and reporting.
  • Identify and escalate critical vulnerabilities requiring immediate remediation.
  • Coordinate with Infrastructure, Networking, and Development teams to track and validate remediation progress.
  • Provide actionable guidance to reduce risk across cloud, endpoint, and network environments.
  • Be on call 24/7.

Benefits

  • An array of benefits