Chicago, Illinois, United States, 60607
Franklin Park, Illinois, United States, 60131
Req ID: 11943
JOIN AN INDUSTRY LEADER! Quality First & Green Always
Sloan is the world’s leading manufacturer of commercial plumbing systems and has been in operation since 1906. We are at the forefront of the green building movement and provide sustainable restroom solutions. We manufacture water- efficient products including flush valves, electronic faucets, soap dispensing and sink systems along with vitreous china fixtures for commercial, industrial and institutional markets worldwide.
Job Purpose
The Director of Enterprise Cybersecurity is responsible for the strategy, governance, and risk management of Sloan's cybersecurity program. The role sets the multi-year security roadmap, defines control frameworks, and establishes the governance structures that guide how cybersecurity risk is identified, measured, and treated across the enterprise.

Reporting to the Chief Information Officer, the Director serves as the primary representative of the cybersecurity program to executive leadership and the broader organization. This role translates technical risk into business terms, delivers regular reporting on program maturity and risk posture, and informs executive decision-making on security investments, incidents, and strategic direction.

The Director leads a team consisting of the Manager of Enterprise Cybersecurity, a Security Analyst, and oversight of Sloan's Managed Security Service Provider (MSSP). The Manager owns day-to-day operations while the Director retains accountability for strategy, governance, compliance posture, and budget.

The role is responsible for protecting Sloan's IT and OT environments across a global manufacturing footprint. This includes balancing risk reduction with operational uptime, evaluating emerging threats, and building the security program required to support Sloan's growth and technology modernization agenda.
Job Responsibilities and Duties
• Security Strategy and Roadmap: Develop and maintain the multi-year enterprise cybersecurity strategy and roadmap aligned to business objectives, threat landscape, and Sloan's technology direction. Translate strategy into funded, sequenced programs with measurable outcomes.
• Security Metrics and KPI Program: Establish and maintain a formal cybersecurity KPI and metrics program. Report program performance, risk posture, and maturity to the CIO and the Enterprise Risk Management Committee on a regular cadence.
• Enterprise Risk and Governance: Own the enterprise cybersecurity risk management program. Define risk appetite with executive leadership, maintain the enterprise risk register, and drive risk treatment decisions. Report risk posture and program maturity to the CIO and executive leadership on a regular cadence.
• Security Steering Committee Representation: Represent cybersecurity on the Sloan Enterprise Risk Management (ERM) Committee. Establish and lead other internal IT cybersecurity committees at the Director's discretion.
• Compliance and Regulatory Programs: Lead compliance programs for applicable frameworks and regulations including NIST CSF, CIS Controls, PCI-DSS, and data privacy requirements across global jurisdictions. Own audit readiness, evidence management, and regulator or customer response.
• Budget and Vendor Ownership: Own the cybersecurity budget including capital and operating plans. Lead vendor selection, contract negotiation, and performance management for security technology partners and the MSSP. Optimize spend against risk reduction and control coverage. Maintain governance and oversight of the MSSP relationship.
• IT and OT Security: Extend the security program to cover manufacturing operational technology (OT) and industrial control systems (ICS) at Sloan production sites. Partner with engineering and operations to apply appropriate controls for converged IT and OT environments without disrupting production.
• Incident Response and Resilience: Establish and govern the enterprise incident response and cyber resilience program. Lead executive response during material incidents, conduct tabletop exercises, and provide security input and consulting on enterprise business continuity and disaster recovery planning owned by other IT functions.
• Security Architecture Oversight: Set architectural standards for identity, network segmentation, cloud, endpoint, email, and data protection. Govern security configuration baselines, patching cadence, and exception management. Review major IT and business technology initiatives for security alignment.
• Data Protection Program: Own the enterprise data protection program including data loss prevention, classification, encryption, and retention controls. Set standards
• AI and Machine Learning Governance: Serve as an active stakeholder in enterprise AI and machine learning governance from a security perspective. Offer guidance and consult on acceptable use policies for AI tools, and lead security review of enterprise AI initiatives.
• Independent Testing and Validation: Own the cybersecurity testing program including penetration testing and red team engagements. Use results to drive remediation priorities and program improvement.
• Vulnerability Management and Asset Inventory: Govern the cybersecurity vulnerability management program including standards, prioritization, and oversight while the Manager owns execution and remediation activities. Serve as a stakeholder in enterprise asset inventory and visibility, with ownership held by other IT functions.
• Threat Intelligence Program: Define and oversee the enterprise threat intelligence program including feed selection, source management, and integration with detection and response capabilities.
• Automation and Orchestration: Drive process improvement through automation and security orchestration scoped to the cybersecurity tower. Identify opportunities to reduce manual effort and improve consistency across security operations.
• Third Party Risk: Own the third party cybersecurity risk program covering SaaS, IaaS, managed service, and supplier relationships. Establish assessment standards, review SOC reports, and embed security requirements into procurement and contracting.
• Team Leadership and Development: Lead, coach, and develop the cybersecurity team. Define roles, performance expectations, and career paths. Build a culture of accountability, follow through, and continuous improvement. Partner with HR on talent planning.
• Security Awareness and Culture: Own the enterprise security awareness and training program. Drive behavior change across the workforce, tailor communications to role-based risk, and measure program effectiveness. Serve as the cybersecurity ambassador to the enterprise from an educational program perspective.
• Other duties and responsibilities as required.
Required Qualifications
• Bachelor's degree in Information Technology, Computer Science, Cybersecurity, Engineering, or a related field, or equivalent professional experience.
• 3+ Years Experience presenting cybersecurity risk, strategy, and program status to executive leadership.
• 3+ Years Proven experience leading enterprise risk management, compliance, and governance programs in a corporate environment.
• 5+ Years Demonstrated progression of cybersecurity leadership experience with clear ownership of enterprise-scale security programs. Competency and track record weighted over years in role.
• 8+ Years Overall IT experience.
• Familiarity with control and regulatory frameworks including NIST CSF, CIS, PCI-DSS, and global data privacy requirements.
• Hands-on experience owning security budgets, negotiating with technology vendors, and managing MSSP or outsourced security operations.
• Working knowledge of security across cloud, endpoint, network, identity, and data domains, with the ability to lead technical teams without being the hands-on engineer.
Preferred Qualifications
• CISSP
• CISM
• CRISC
• CISA
• Experience leading cybersecurity through acquisitions, divestitures, or major digital transformation programs.
• Experience securing manufacturing environments including OT and ICS systems.
• Prior experience in a manufacturing or industrial enterprise with both corporate IT and plant-level OT responsibilities.
• Track record building security programs that align to business value and enable, rather than block, technology adoption including cloud, AI, and modern work tooling.
Why you’ll love working here:
Inclusive Culture: YOU Belong at Sloan
At Sloan, we are committed to fostering an inclusive and diverse workplace where diverse backgrounds and perspectives are embraced and celebrated. We proudly offer equal employment opportunities regardless of race, color, religion, sex, sexual orientation, gender identity and expression, national origin, disability, age, genetic information, marital status, political affiliation, veteran status, or any other characteristic protected by law.
Growth Opportunities: We invest in our employees’ professional development with ongoing training and career advancement opportunities.
Innovative Projects: Be part of exciting projects that push the boundaries of technology and make a real difference in the world.
Compensation:
The compensation range for this U.S.-based position is $189,990-$211,100 annually.
This position is eligible to participate in the company incentive plan. The terms and conditions of the company incentive plan will be provided to plan participants on an annual basis.
Our compensation range reflects our good faith estimate of what an ideal candidate can expect, but final agreed upon compensation will always be based on the individual candidate’s experience, skills, qualifications, and other job-related or market factors that may prove relevant during the hiring process.
Benefits:
- Comprehensive Health Coverage: Medical (including prescription coverage), Dental, and Vision Insurance, effective the first of the month following your hire date.
- Health Savings Account (HSA): With company contributions for most medical plan options.
- Financial Security: Basic Life, Basic Accidental Death and Dismemberment, Short-term Disability, Long-term Disability, and Accident Insurance.
- Additional Protection: Optional Life, Critical Illness, Hospital Indemnity, Legal, Pet Insurance, and Identity Theft Protection.
- Convenient Commuter Benefits: Save on your daily commute.
- Flexible Spending Accounts: Dependent Care FSA to help manage your expenses.
- Wellness Support: Employee Assistance Plan and Wellness Programs to keep you healthy and happy.
- Retirement Savings: 401(k) Retirement Savings Plan with a company match and immediate vesting.
- Generous Time Off: Paid Holidays, Volunteer Time Off, Paid Time Off, Sick Leave, Military Leave, Parental Leave, Bereavement Leave, and other paid or unpaid state/local leaves where required.
- Work-Life Balance: Hybrid Work Program to support your flexibility.
- Employee Referral Program: Earn rewards for referring great talent.
- Professional Development: Tuition Reimbursement Program to help you grow your skills.
- Community and Networking: Join our Employee Business Groups and connect with colleagues.
We Are Proud Partners With the Chicago Cubs
We are a Legacy Partner of the Chicago Cubs and we are proud to be the organization’s official water efficiency partner! Through this relationship, which includes the naming rights to Sloan Park, the Cubs’ Spring Training facility in Mesa, Arizona, we have had the opportunity to promote our brand and continue our water conservation efforts in the city of Chicago and around the world.
For additional company information please visit our website at www.sloan.com.
We Are An Equal Opportunity Employer.