Cybersecurity Program Lead

Follett Content Solutions has been a trusted partner for educators since 1873! We support our educators that reach more than 45 million students worldwide. Follett Content Solutions helps build a diverse collection of print and digital resources to support every student. We are currently hiring for an Cybersecurity Program Lead in our office. This is a full-time exempt position located in McHenry, IL.

This position is a hybrid position requiring you to be in the office Monday, Tuesday, & Thursdays with Wednesday & Friday work from home days. The pay for this position is $100,000 - $125,000 annually. We offer an array of benefits, to see those benefits .

Any pay range disclosed is based upon a combination of neutral factors such as required qualifications, experience, education, skill, training, certifications, seniority, etc. Follett Content Solutions reserves the right to provide any successful candidate with a salary at the most appropriate level set as a result of such candidate’ qualifications, experience, education, skill, training, certifications, location or seniority.

The Cybersecurity Lead is responsible for safeguarding the confidentiality, integrity, and availability of Follett’s systems, data, and cloud environments. This role serves as the primary technical authority for cybersecurity across the organization, leading the design, implementation, and continuous improvement of security controls in a hybrid on-premise and cloud environment.

The Cybersecurity Lead partners closely with Infrastructure, Networking, Application Development, and Legal/Governance stakeholders to ensure security is embedded into daily operations, modernization initiatives, and long‑term architectural planning. This role owns incident response and threat detection activities, leads cloud and application security efforts, and provides technical support for governance and compliance programs.

As the organization expands its use of AI tools and modern development workflows, the Cybersecurity Lead plays a critical role in ensuring secure integration, proper logging, responsible use, and adherence to internal security standards. The ideal candidate brings strong hands‑on experience with Azure security, modern development practices, endpoint protection, and threat detection engineering.

• Serves as the primary responder for security incidents across cloud, endpoint, and network environments.
• Collaborates with the Rapid7 SOC to validate alerts, tune detections, and improve response workflows.
• Conducts threat hunting and telemetry analysis within Sentinel One and other security platforms.
• Leads containment and remediation efforts in partnership with Infrastructure, Networking, and Application teams.
• Develops and refines detection logic, response playbooks, and escalation procedures.

• Designs and implements security controls for Azure workloads, identity, and cloud‑native services.
• Partners with Application Development to integrate secure coding practices, API security, and threat modeling into the SDLC.
• Establishes standards for secure use of AI tools, including logging, access controls, and data protection requirements.
• Supports security considerations for business application modernization initiatives
• Evaluates and recommends cloud and application security tools, patterns, and architectures.

• Leads configuration, tuning, and continuous improvement of security technologies including Sentinel One, Microsoft Defender, Purview, Action1, and SIEM integrations.
• Develops and maintains security baselines for servers, endpoints, and cloud resources.
• Ensures endpoint coverage and agent health across the environment, partnering with the Service Desk for deployment and remediation.
• Implements automation and scripting to improve security operations and reduce manual effort.

• Owns the vulnerability management lifecycle using Rapid7, including scan tuning, prioritization, and reporting.
• Identifies and escalates critical vulnerabilities requiring immediate remediation.
• Coordinates…