Demo

Lead, Cybersecurity Architecture & Operations

Culligan Opportunities
Rosemont, IL Full Time
POSTED ON 7/8/2026
AVAILABLE BEFORE 9/8/2026

Position: Lead, Cybersecurity Architecture & Operations

Supervisor: Global Chief Information Security Officer

Location: Rosemont, IL

Summary: 

We are seeking a seasoned, self-motivated, hands-on cybersecurity leader to serve as the technical anchor of our global security program. Reporting directly to the Global CISO, you will own the architecture and day-to-day operation of our core security capabilities—SaaS and data security posture management, vulnerability management, SIEM, and SOC operations—across a complex, global environment.

This is a player-coach role for someone who wants both strategic influence and technical depth: you will design the architecture, then roll up your sleeves to build, tune, and run it. You will also play a key role in maturing our security controls, evidence, and audit readiness.

Responsibilities:

  • Security architecture: Define and maintain the enterprise security architecture and reference patterns across cloud, SaaS, network, endpoint, and identity domains.
  • SSPM: Deploy, operate, and continuously tune our SSPM platform; drive remediation of SaaS misconfigurations, risky integrations, and identity/permission sprawl across the global SaaS estate.
  • DSPM: Lead DSPM implementation and operations—discover, classify, and protect sensitive data across cloud and on-premises stores; partner with privacy and legal on data governance.
  • Vulnerability management: Own the end-to-end vulnerability management lifecycle: scanning coverage, risk-based prioritization, remediation SLAs, exception handling, and executive reporting across global infrastructure and applications.
  • SIEM: Administer and optimize the SIEM platform—log source onboarding, parsing, detection engineering, use-case development, and cost/ingestion management.
  • SOC operations: Run day-to-day SOC operations, including oversight of MSSP/MDR partners; mature triage, escalation, and incident response playbooks; lead and coordinate response to security incidents across time zones.
  • Audit and Compliance: Strengthen controls, documentation, and evidence to support SOX ITGC and internal/external audits; conduct application and technology security assessments to evaluate risk and ensure compliance with security standards.
  • Threat-informed defense: Track threat actor activity relevant to our industry and translate it into detections, hardening priorities, and leadership briefings.
  • Global collaboration & mentorship: Partner with IT, infrastructure, application, and business teams across regions; mentor analysts and engineers and raise the technical bar of the broader team.
  • Tooling & automation: Evaluate, select, and integrate security tooling; manage vendor relationships and drive consolidation and automation where it adds value. 

Requirements:

  • 6 years of progressive, hands-on experience in cybersecurity engineering, architecture, and/or security operations.
  • Deep, practitioner-level experience with SSPM and DSPM platforms (e.g., deploying, operating, and driving remediation at scale).
  • Proven ownership of an enterprise vulnerability management program, including risk-based prioritization and remediation governance.
  • Hands-on experience administering a SIEM (e.g., detection engineering, log onboarding, tuning) and managing or overseeing a SOC, including MSSP/MDR relationships.
  • Strong working knowledge of cloud security (AWS, Azure, and/or GCP), identity and access management, and SaaS ecosystems (e.g., M365, Salesforce, Workday).
  • Experience operating in a global, multi-region environment with distributed teams and follow-the-sun coordination.
  • Excellent communication skills—able to brief executives, write clear standards, and influence engineers without direct authority.
  • Self-starter who operates with minimal direction and drives initiatives from concept to steady-state operation.

 

Preferred Qualifications:

  • Experience supporting SOX ITGC controls or operating in a public company environment.
  • Familiarity with frameworks and regulations such as NIST CSF, ISO 27001, CIS Controls, GDPR, and PCI DSS.
  • Scripting/automation skills (Python, PowerShell, APIs) and experience with SOAR platforms.
  • Relevant certifications such as CISSP, CISM, GIAC (GCIA, GCIH, GDSA), or cloud security certifications (AWS/Azure security specialty, CCSP).
  • Experience in manufacturing, consumer products, or other distributed-operations industries.

 

What Success Looks Like: 

  • SSPM and DSPM platforms are fully operational, with a measurable reduction in SaaS misconfigurations and unprotected sensitive data.
  • Vulnerability management SLAs are defined, reported, and trending in the right direction across all regions.
  • SIEM detection coverage mapped to MITRE ATT&CK with documented, tested response playbooks; SOC/MSSP performance metrics in place.
  • Security controls and evidence ready to withstand internal and external audit scrutiny.

 

Work Arrangements: 

This is a hybrid position based at our Rosemont, IL office, with three days per week onsite. Occasional travel and flexibility for calls across global time zones is expected.

 

Target Salary Range: $140,000 - $180,000 year plus bonus.  Exact pay will be based on factors including, but not limited to relevant education, qualifications, experience, level, geographic location, and business and organizational needs.  Full-time positions are eligible for competitive benefits, including: paid time off, health, dental, vision, life, disability benefits and 401(k).

 

Salary : $140,000 - $180,000

If your compensation planning software is too rigid to deploy winning incentive strategies, it’s time to find an adaptable solution. Compensation Planning
Enhance your organization's compensation strategy with salary data sets that HR and team managers can use to pay your staff right. Surveys & Data Sets

What is the career path for a Lead, Cybersecurity Architecture & Operations?

Sign up to receive alerts about other jobs on the Lead, Cybersecurity Architecture & Operations career path by checking the boxes next to the positions that interest you.
Income Estimation: 
$192,911 - $256,346
Income Estimation: 
$228,678 - $310,400
Income Estimation: 
$123,246 - $161,441
Income Estimation: 
$152,549 - $188,894
Income Estimation: 
$135,994 - $168,063
Income Estimation: 
$161,209 - $233,553
Employees: Get a Salary Increase
View Core, Job Family, and Industry Job Skills and Competency Data for more than 15,000 Job Titles Skills Library

Job openings at Culligan Opportunities

  • Culligan Opportunities Libertyville, IL
  • The Manufacturing Engineering plays a crucial role in the supply chain by developing and executing strategies for internal plant operations and selecting a... more
  • 7 Days Ago

  • Culligan Opportunities Libertyville, IL
  • Position: Manufacturing Associate / Electrical Technician (Electrical II) Supervisor: Plant Manager Location: Libertyville, IL Description: This position i... more
  • 7 Days Ago

  • Culligan Opportunities Rosemont, IL
  • Description: Culligan is looking for a Global Customs Compliance Director. This individual is responsible for leading and maintaining a comprehensive globa... more
  • 2 Days Ago

  • Culligan Opportunities Libertyville, IL
  • Position: Field Service Engineer Location: Libertyville, IL - onsite and travel to customer sites across the US Description: The Field Service Engineer is ... more
  • 3 Days Ago


Not the job you're looking for? Here are some other Lead, Cybersecurity Architecture & Operations jobs in the Rosemont, IL area that may be a better fit.

  • Centric Consulting Chicago, IL
  • Business Architect Lead Job Level: W2T Consultant Job Location: Remote/Hybrid Travel Travel Expectations: 25 % Job Classification: Temporary (W2T) Contract... more
  • 4 Days Ago

  • IPS-Integrated Project Services Chicago, IL
  • Job Description At IPS, we are global leaders in developing innovative solutions for the consulting, architecture, engineering, project controls, procureme... more
  • 1 Day Ago

AI Assistant is available now!

Feel free to start your new journey!