Cybersecurity Program Lead

Follett Content Solutions has been a trusted partner for educators since 1873! We support our educators that reach more than 45 million students worldwide. Follett Content Solutions helps build a diverse collection of print and digital resources to support every student. We are currently hiring for an Cybersecurity Program Lead in our office. This is a full-time exempt position located in McHenry IL. This position is a hybrid position requiring you to be in the office Monday Tuesday & Thursdays with Wednesday & Friday work from home days. The pay for this position is $100000 - $125000 annually. We offer an array of benefits to see those benefits click here.

Any pay range disclosed is based upon a combination of neutral factors such as required qualifications experience education skill training certifications seniority etc. Follett Content Solutions reserves the right to provide any successful candidate with a salary at the most appropriate level set as a result of such candidate qualifications experience education skill training certifications location or seniority.

Position Overview

The Cybersecurity Lead is responsible for safeguarding the confidentiality integrity and availability of Folletts systems data and cloud environments. This role serves as the primary technical authority for cybersecurity across the organization leading the design implementation and continuous improvement of security controls in a hybrid on-premise and cloud environment.

The Cybersecurity Lead partners closely with Infrastructure Networking Application Development and Legal/Governance stakeholders to ensure security is embedded into daily operations modernization initiatives and long-term architectural planning. This role owns incident response and threat detection activities leads cloud and application security efforts and provides technical support for governance and compliance programs.

As the organization expands its use of AI tools and modern development workflows the Cybersecurity Lead plays a critical role in ensuring secure integration proper logging responsible use and adherence to internal security standards. The ideal candidate brings strong hands-on experience with Azure security modern development practices endpoint protection and threat detection engineering.

Key Responsibilities:

Incident Response & Threat Detection

• Serves as the primary responder for security incidents across cloud endpoint and network environments.
• Collaborates with the Rapid7 SOC to validate alerts tune detections and improve response workflows.
• Conducts threat hunting and telemetry analysis within SentinelOne and other security platforms.
• Leads containment and remediation efforts in partnership with Infrastructure Networking and Application teams.
• Develops and refines detection logic response playbooks and escalation procedures.

Cloud Application & AI Security

• Designs and implements security controls for Azure workloads identity and cloud-native services.
• Partners with Application Development to integrate secure coding practices API security and threat modeling into the SDLC.
• Establishes standards for secure use of AI tools including logging access controls and data protection requirements.
• Supports security considerations for business application modernization initiatives
• Evaluates and recommends cloud and application security tools patterns and architectures.

Security Engineering & Endpoint Oversight

• Leads configuration tuning and continuous improvement of security technologies including SentinelOne Microsoft Defender Purview Action1 and SIEM integrations.
• Develops and maintains security baselines for servers endpoints and cloud resources.
• Ensures endpoint coverage and agent health across the environment partnering with the Service Desk for deployment and remediation.
• Implements automation and scripting to improve security operations and reduce manual effort.

Vulnerability Management

• Owns the vulnerability management lifecycle using Rapid7 including scan tuning prioritization and reporting.
• Identifies and escalates critical vulnerabilities requiring immediate remediation.
• Coordinates with Infrastructure Networking and Development teams to track and validate remediation progress.
• Provides actionable guidance to reduce risk across cloud endpoint and network environments.

• Bachelors degree in Computer Science Cybersecurity Engineering or related discipline OR equivalent training/professional experience.
• 5 years of hands-on experience in cybersecurity engineering cloud security application security or related technical security roles preferred; candidates with fewer years but exceptional aptitude development experience or demonstrated security capability will be considered.
• Strong written and verbal communication skills with the ability to collaborate effectively across Infrastructure Networking Development and Legal/Governance teams.
• 3 years of experience securing cloud environments preferably Microsoft Azure (Entra ID Defender Purview workload protection identity governance).
• Demonstrated experience with application security concepts including secure coding practices API security threat modeling and working directly with development teams.
• Familiarity with AI/ML security considerations including data protection access controls logging and responsible use of AI tools in enterprise environments.
• Experience with vulnerability management platforms (Rapid7 preferred) including scan tuning prioritization and remediation workflows.
• Strong understanding of identity and access management authentication technologies role-based authorization and zero-trust principles.
• Working knowledge of risk assessment methodologies threat modeling and security control frameworks (NIST CSF CIS Controls SOC 2).
• Ability to translate business requirements and risks into secure technical solutions and actionable remediation guidance.
• Technical proficiency with endpoint protection cloud security tools scripting/automation and hybrid infrastructure environments.
• Experience collaborating with third-party providers SOC partners auditors or managed service providers.
• Self-driven highly motivated and able to manage multiple priorities in a fast-moving environment.
• Strong analytical troubleshooting and problem-solving skills with a team-oriented mindset.
• Demonstrated ability to operate as a Lead/IC taking ownership of security engineering incident response and cross-functional coordination in a lean IT environment.
• Experience supporting security considerations during business application modernization initiatives.
• Position requires you to be on call 24/7
• AZ 500 AZ 104 CCSK/CCSP Security CySA CISSP or equivalent cloud/security credentials highly preferred.

We are an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race color religion national origin pregnancy sexual orientation gender identity age physical or mental disability genetic factors military/veteran status or other characteristics protected by law. As an Equal Opportunity Employer we are committed to providing reasonable accommodations to job applicants with disabilities. If you are interested in applying for employment and need assistance or an accommodation in the application process due to a disability please contact us by email or phone.

• Email: Send request to
• Phone: Request assistance by calling 800.773.7010 x45130

When contacting us please provide your contact information the job position or title and state the nature of your accessibility issue.