Cybersecurity Engineer
Chicago, IL, USA
JOB SUMMARY
The Cybersecurity Engineer is a hands-on individual contributor role responsible for executing and improving the organization’s cybersecurity program across identity, cloud, endpoint, and infrastructure environments. This position blends engineering, administration, and light architecture, with a strong emphasis on directly getting work done, closing gaps, and driving security improvements to completion.
This role is responsible for directly executing security improvements, validating configurations, driving remediation items to closure, and partnering with IT and business teams to improve day-to-day security outcomes. The role supports a global, mid-sized environment and works closely with internal teams and external security partners to reduce risk in a practical, scalable way. The position aligns to NIST CSF 2.0 and contributes to the organization’s progression toward ISO 27001.
DIRECT REPORTS
None
SCOPE & ACCOUNTABILITY
· Directly execute cybersecurity initiatives and own projects through completion
· Improve security posture across identity, cloud, and endpoint environments
· Standardize configurations, access controls, and security practices
· Coordinate security operations with external partners (MDR/SOC) while ensuring internal follow-through
· Provide direct follow-up and accountability for user-driven security risks
· Drive remediation items to closure across teams and stakeholders
KEY RESPONSIBILITIES
Cybersecurity Execution & Operations
· Drive and directly execute day-to-day cybersecurity work across infrastructure, systems, and users
· Identify gaps and implement practical, defensible improvements
· Lead remediation efforts, ensuring issues are tracked through to closure
· Maintain clear documentation, standards, and operational consistency
Identity & Access Management
· Lead administration and improvement of Active Directory and Entra ID environments
· Drive cleanup, standardization, and access control improvements
· Implement and refine SSO, MFA, and conditional access policies
· Strengthen identity governance, privilege management, and lifecycle practices
Microsoft 365 & Azure Security
· Support secure configuration and ongoing improvement of Microsoft 365 services
· Assist with Azure security posture, access control, and configuration reviews
· Partner with infrastructure teams to ensure consistent cloud security practices
Security Operations & MDR Coordination
· Act as primary internal point of coordination with MDR/SOC providers
· Review alerts, incidents, and findings, and ensure follow-through and remediation
· Coordinate vulnerability remediation with system and application owners, driving closure
· Improve response workflows and operational visibility
Security Awareness & Phishing
· Coordinate phishing simulations and awareness campaigns; follow up directly with users who fail simulations (coaching, remediation, accountability)
· Work with managers as needed to reinforce expectations
· Improve program effectiveness through targeted follow-up and measurable outcomes
Endpoint, MDM & Windows Security
· Support endpoint security and device management (Intune, MDM)
· Execute and contribute to Windows administration where it impacts security posture
· Help enforce consistent configuration and compliance standards
Emerging Risk & Technology Areas
· Provide input on secure software development practices
· Support evaluation and governance of AI tools and associated risks (awareness-oriented, not a deep research role)
· Contribute to security considerations for IoT and retail/digital display environments
· Ensure security is incorporated into new systems and deployments in a practical, risk-based manner
KEY INTERFACES (NON-REPORTING)
· IT Infrastructure & Support Teams
· External MDR / SOC Providers
· Application Owners (e.g., ERP, CRM, M365)
· Business Stakeholders and Department Leaders
· Technology Vendors
KEY PERFORMANCE INDICATORS
Success in this role will be measured against metrics including but not limited to:
· Completion and quality of security projects and remediation efforts
· Improvement in identity hygiene and access control consistency
· Timeliness of incident and vulnerability follow-through
· Reduction in repeat security issues
· Effectiveness of phishing follow-up and awareness outcomes
QUALIFICATIONS
Ideal Candidate Profile
· Hands-on background in IT, infrastructure, identity, endpoint administration, security operations, or cybersecurity
· Comfortable working across hybrid identity, Microsoft 365/Azure, and endpoint environments
· Proven track record of driving technical work to completion across multiple teams
Experience
· 5+ years of experience in IT, infrastructure, identity, endpoint administration, security operations, or cybersecurity in a hands-on role
· Experience working across infrastructure, identity, and cloud environments
· Experience coordinating with MDR/SOC or managed security providers
· Track record of executing and completing technical projects
Technical Skills
Strong working knowledge of:
· Active Directory and Entra ID
· Identity and access management (IAM) concepts
· Microsoft 365 security and administration
· Azure security fundamentals
· Windows administration
· Endpoint and device management (Intune / MDM)
Familiarity with:
· EDR, SIEM, and vulnerability management workflows
· Email security platforms
· Secure software development concepts
· IoT and distributed endpoint environments
· AI tools and related security considerations
Environment (Preferred Exposure)
· Hybrid identity environments (on-prem + cloud)
· Microsoft 365, Azure, and enterprise SaaS platforms
· ERP systems (including Dynamics 365)
· Multi-site, global organizations
LEADERSHIP ATTRIBUTES & PERSONAL CHARACTERISTICS
· Pragmatic and execution-focused
· Strong follow-through and ownership mindset
· Comfortable working directly with users and holding accountability
· Clear, direct communicator
· Organized and able to manage multiple priorities
· Able to operate independently without heavy oversight
· Comfortable moving between engineering, administration, and security operations work
ESSENTIAL FUNCTIONS
Working conditions are in a normal office environment. While performing the duties of this job, the employee is regularly required to walk, sit, and stand, using hands to handle, finger, or feel objects, tools, or controls. Occasionally, the employee must crouch or kneel. The employee must occasionally exert or lift up to 20 pounds. Successful performance requires good eyesight with or without corrective lenses. Requires long periods of time working at a computer and includes phone work.
DISCLAIMER
The above information has been designed to indicate the general nature and level of work performed by employees within this classification and may be amended at any time at the sole discretion of the Employer. It is not designed to contain or be interpreted as a comprehensive inventory of all duties, responsibilities, and qualifications required of employees assigned to this job.