Manager, Cyber Security

About mSupply TM mSupply is North America’s leading distributor of OEM repair parts and equipment, serving professionals in the appliance, HVAC, plumbing, commercial kitchen, and pool/spa industries. Headquartered in St. Louis, MO, mSupply is a multi-billion-dollar enterprise offering an extensive product range, industry expertise, and seamless service. With more than 2,000 associates across the U.S. and Canada, mSupply’s family of brands delivers with speed, reliability, and precision through its branches, distribution centers, and extensive fleet of delivery vehicles. Shipped orders reach 93% of U.S. customers via next-day ground delivery and 100% within two days. For more information, visit mSupply.com. Job Summary The Cybersecurity Manager is a hands-on operational role that executes the organization's security program under the direction of the VP of IT Security. The Manager leads two Security Analysts, coordinates as a peer with the Senior Security Analyst, and works alongside the Security Administrator on deployments and operational support. This is a practitioner role requiring strong technical execution, compliance experience, and the ability to operate effectively in a focused security environment. Job Duties & Responsibilities Lead daily alert triage, threat monitoring, and incident response across endpoint, network, and cloud environments Manage EDR/MDR and SIEM tooling within standards defined by the VP; serve as primary operational contact with MSSP providers Own the incident response process — contain, investigate, remediate, and document security events; conduct post-incident reviews and brief the VP on significant findings Monitor email security gateway activity and escalate threats or policy exceptions; coordinate with the Security Administrator who handles day-to-day gateway ticket management Direct and develop two Security Analysts — set priorities, manage workload, conduct performance reviews, and serve as the escalation point for investigations and technical decisions Execute and maintain PCI DSS controls within the program scope defined by the VP; coordinate evidence gathering and support annual assessment activities Support ISO 27001 control execution and documentation; work alongside the Security Administrator on evidence coordination as directed by the VP Conduct periodic vulnerability scans, track findings, and drive remediation to closure in coordination with IT infrastructure teams Manage logistics and remediation tracking for external penetration testing engagements within scope established by the VP Administer EDR, SIEM, and vulnerability scanning tools within the architecture defined by the VP, coordinate with the Security Administrator on broader environment deployments and rollouts Collaborate with IT infrastructure teams on firewall rules, network segmentation, and secure configuration baselines, surface recommendations to the VP Participate in security reviews for new technology projects, vendor onboarding, and system changes; escalate decisions or concerns requiring VP approval Prepare organized security metrics, operational status reports, and incident summaries for the VP to support leadership briefings and program decisions Maintain day-to-day working relationships with security vendors and MSSPs; escalate contract decisions and strategic concerns to the VP Support the organization's cyber insurance program by coordinating documentation and questionnaire responses under VP direction Collaborate with IT, legal, HR, and operations on day-to-day security matters; escalate issues with broader organizational impact to the VP

Qualifications

Education & Experience Bachelor's degree in Cybersecurity, IT, or related field — or equivalent experience 5+ years in information security with at least 2 years in a lead or supervisory role Hands-on experience with PCI DSS and ISO 27001 required Technical Skills EDR/MDR platforms — SentinelOne, CrowdStrike, Arctic Wolf, or similar Email security platforms — Proofpoint, Mimecast, or similar Identity and access management — Okta required; SSO, MFA, and RBAC administration SIEM, vulnerability scanning (Tenable, Qualys), and network security fundamentals Cloud security basics — Microsoft 365, Azure, or AWS Certifications (Preferred) CISSP, CISM, Security+, or equivalent certification strongly preferred ISO 27001 Lead Implementer or Lead Auditor, PCI ISA, or CISA is a plus Competencies Strong written and verbal communication skills — able to translate technical risk into business-relevant terms Organized and detail-oriented with the ability to manage multiple priorities in a lean security environment Collaborative working style with a track record of building relationships across IT and non-technical business units Sound judgment and decisiveness under pressure — particularly during active security events Self-directed and proactive — comfortable operating in a remote work, high-ownership environment Physical Demands & Work Environment This position may require over 40 hours per week and includes regular physical activity such as: This position is primarily remote based with occasional travel to office locations as needed On-call availability may be required during security incidents or critical system events This is a full-time, exempt position; hours may vary based on operational needs What We Offer: We prioritize your well-being from day one with a comprehensive benefits package that includes: Medical, dental, vision, and prescription coverage effective immediately 401(k) plan with company contributions Life insurance and short- and long-term disability coverage HSA/FSA options and an Employee Assistance Program (EAP) Paid time off, including vacation, holidays, and personal days Weekly pay, employee discounts, and more Equal Employment Opportunity & Pre-Employment Requirements mSupply is an Equal Opportunity Employer. We make employment decisions without regard to sex, age, race, color, creed, religion, national origin, citizenship or immigration status, sexual orientation, gender identity or expression, disability, genetic information, marital status, veteran or military status, or any other status protected by applicable federal, state, or local law. We are committed to providing reasonable accommodations for qualified individuals with disabilities and to applicants with sincerely held religious beliefs, in accordance with applicable law. To request a reasonable accommodation, please contact [email protected]. Final offers of employment may be contingent upon completion of job-related pre-employment checks and screenings permitted by law for the position. For roles that require operation of a company vehicle, a Motor Vehicle Record (MVR) check may also be conducted to determine insurability. This employer participates in E-Verify to confirm employment eligibility in the United States. #mSupply Apply To This Job