IT Security Engineer
Job description
We are seeking a highly technical, hands-on IT Security Engineer to help build and mature the cybersecurity program of a food & beverage manufacturing organization. This role is ideal for a driven, detail-oriented engineer who enjoys hardening systems, securing networks, performing technical investigations, and working side-by-side with IT and OT teams to improve our security posture.
You will be the primary "hands-on keyboard" technical resource supporting cybersecurity initiatives and will partner closely with our IT teams and our MSSP SOC.
- Review alerts and escalations from the MSSP to validate severity, impact, and required actions.
- Conduct technical investigation steps and support containment, eradication, and recovery activities.
- Harden and secure Windows servers, Windows clients, virtual machines, and other IT infrastructure.
- Ensure secure configuration, deployment, and management of endpoint protection (SentinelOne).
- Collaborate with the IT infrastructure team to ensure secure configurations across firewalls, switches, and network segments.
- Support network security improvements such as segmentation, least privilege network access, and secure remote access.
- Perform firewall rule reviews and contribute to network hardening efforts.
- Support secure configuration of identity platforms.
- Enforce role-based access controls, privileged access hygiene, and identity hardening standards.
- Work with the MSSP to ensure vulnerability scans are properly executed and tuned.
- Validate findings, prioritize risk, and coordinate remediation work with system and network teams.
- Lead patching and configuration remediation efforts for high-risk assets.
- Work with developers to identify, prioritize, and fix security issues (OWASP Top 10).
- Conduct security reviews of applications and servers.
- Collaborate with OT engineers to understand legacy systems, PLCs, and plant-floor constraints and assist in implementation of OT network segmentation and ICS security controls.
- Actively monitor emerging threats affecting OT and IT environments.
- Conduct periodic threat modeling for high-risk applications and systems.
Requirements
- 5-8+ years of experience in IT security engineering, SOC, or incident response roles.
- Strong hands-on experience with: Windows Server and client security; Network and firewall security; Endpoint security tools; MFA and identity systems.
- Strong knowledge of Active Directory and identity security best practices.
- Practical experience hardening servers, endpoints, and network devices.
- Familiarity with log analysis and security event triage.
- Comfort working directly with SOC alerts and vulnerability scan reports.
- Understanding of security frameworks (NIST CSF, CIS Controls, SOC 2).
- Strong documentation habits and process-oriented mindset.
- Experience in manufacturing, industrial, or OT/ICS environments.
- Working knowledge of PLCs, or ISA/IEC 62443 principles.
- Familiarity with Office 365 security configuration and best practices.
- Experience automating workflows using PowerShell or Python.
- Exposure to segmentation projects or Zero Trust principles.
- Relevant certifications: GSEC, GCED, GCIH, GDSA, GDAT, GICSP, GCIP, and GRID.
Work Authorization Notice: Please note that we do not provide visa sponsorship or immigration support for this position. Applicants must already be authorized to work in the United States on a full-time, permanent basis without the need for current or future sponsorship.
Benefits & conditions
The salary for this position is determined by a combination of experience, skills, and education level. The compensation range is $125K-135K annually.