Manager, Cyber Security

About mSupply TM 
mSupply is North America’s leading distributor of OEM repair parts and equipment, serving professionals in the appliance, HVAC, plumbing, commercial kitchen, and pool/spa industries. Headquartered in St. Louis, MO, mSupply is a multi-billion-dollar enterprise offering an extensive product range, industry expertise, and seamless service. With more than 2,000 associates across the U.S. and Canada, mSupply’s family of brands delivers with speed, reliability, and precision through its branches, distribution centers, and extensive fleet of delivery vehicles. Shipped orders reach 93% of U.S. customers via next-day ground delivery and 100% within two days. For more information, visit mSupply.com. 

Job Summary

The Cybersecurity Manager is a hands-on operational role that executes the organization's security program under the direction of the VP of IT Security. The Manager leads two Security Analysts, coordinates as a peer with the Senior Security Analyst, and works alongside the Security Administrator on deployments and operational support. This is a practitioner role requiring strong technical execution, compliance experience, and the ability to operate effectively in a focused security environment.

Job Duties & Responsibilities

Lead daily alert triage, threat monitoring, and incident response across endpoint, network, and cloud environments

Manage EDR/MDR and SIEM tooling within standards defined by the VP; serve as primary operational contact with MSSP providers

Own the incident response process — contain, investigate, remediate, and document security events; conduct post-incident reviews and brief the VP on significant findings

Monitor email security gateway activity and escalate threats or policy exceptions; coordinate with the Security Administrator who handles day-to-day gateway ticket management

Direct and develop two Security Analysts — set priorities, manage workload, conduct performance reviews, and serve as the escalation point for investigations and technical decisions

Execute and maintain PCI DSS controls within the program scope defined by the VP; coordinate evidence gathering and support annual assessment activities

Support ISO 27001 control execution and documentation; work alongside the Security Administrator on evidence coordination as directed by the VP

Conduct periodic vulnerability scans, track findings, and drive remediation to closure in coordination with IT infrastructure teams

Manage logistics and remediation tracking for external penetration testing engagements within scope established by the VP

Administer EDR, SIEM, and vulnerability scanning tools within the architecture defined by the VP, coordinate with the Security Administrator on broader environment deployments and rollouts

Collaborate with IT infrastructure teams on firewall rules, network segmentation, and secure configuration baselines, surface recommendations to the VP

Participate in security reviews for new technology projects, vendor onboarding, and system changes; escalate decisions or concerns requiring VP approval

Prepare organized security metrics, operational status reports, and incident summaries for the VP to support leadership briefings and program decisions

Maintain day-to-day working relationships with security vendors and MSSPs; escalate contract decisions and strategic concerns to the VP

Support the organization's cyber insurance program by coordinating documentation and questionnaire responses under VP direction

Collaborate with IT, legal, HR, and operations on day-to-day security matters; escalate issues with broader organizational impact to the VP

Qualifications

Education & Experience

Bachelor's degree in Cybersecurity, IT, or related field — or equivalent experience

5+ years in information security with at least 2 years in a lead or supervisory role

Hands-on experience with PCI DSS and ISO 27001 required

Technical Skills

EDR/MDR platforms — SentinelOne, CrowdStrike, Arctic Wolf, or similar

Email security platforms — Proofpoint, Mimecast, or similar

Identity and access management — Okta required; SSO, MFA, and RBAC administration

SIEM, vulnerability scanning (Tenable, Qualys), and network security fundamentals

Cloud security basics — Microsoft 365, Azure, or AWS

Certifications (Preferred)

CISSP, CISM, Security+, or equivalent certification strongly preferred

ISO 27001 Lead Implementer or Lead Auditor, PCI ISA, or CISA is a plus

Competencies

Strong written and verbal communication skills — able to translate technical risk into business-relevant terms

Organized and detail-oriented with the ability to manage multiple priorities in a lean security environment

Collaborative working style with a track record of building relationships across IT and non-technical business units

Sound judgment and decisiveness under pressure — particularly during active security events

Self-directed and proactive — comfortable operating in a remote work, high-ownership environment

Physical Demands & Work Environment

This position may require over 40 hours per week and includes regular physical activity such as:

This position is primarily remote based with occasional travel to office locations as needed

On-call availability may be required during security incidents or critical system events

This is a full-time, exempt position; hours may vary based on operational needs

What We Offer:

We prioritize your well-being from day one with a comprehensive benefits package that includes:

Medical, dental, vision, and prescription coverage effective immediately

401(k) plan with company contributions

Life insurance and short- and long-term disability coverage

HSA/FSA options and an Employee Assistance Program (EAP)

Paid time off, including vacation, holidays, and personal days

Weekly pay, employee discounts, and more

Equal Employment Opportunity & Pre-Employment Requirements

mSupply is an Equal Opportunity Employer. We make employment decisions without regard to sex, age, race, color, creed, religion, national origin, citizenship or immigration status, sexual orientation, gender identity or expression, disability, genetic information, marital status, veteran or military status, or any other status protected by applicable federal, state, or local law.  

We are committed to providing reasonable accommodations for qualified individuals with disabilities and to applicants with sincerely held religious beliefs, in accordance with applicable law. To request a reasonable accommodation, please contact careers@msupply.com.  

Final offers of employment may be contingent upon completion of job-related pre-employment checks and screenings permitted by law for the position. For roles that require operation of a company vehicle, a Motor Vehicle Record (MVR) check may also be conducted to determine insurability. This employer participates in E-Verify to confirm employment eligibility in the United States.  #mSupply