IT Security Engineer at Kens Foods

Summary We are seeking a highly technical, hands-on IT Security Engineer to help build and mature the cybersecurity program of a food & beverage manufacturing organization. This role is ideal for a driven, detail-oriented engineer who enjoys hardening systems, securing networks, performing technical investigations, and working side-by-side with IT and OT teams to improve our security posture. You will be the primary "hands-on keyboard" technical resource supporting cybersecurity initiatives and will partner closely with our IT teams, and our MSSP SOC. Key Responsibilities Review alerts and escalations from the MSSP to validate severity, impact, and required actions. Conduct technical investigation steps and support containment, eradication, and recovery activities. Harden and secure Windows servers, Windows clients, virtual machines, and other IT infrastructure. Ensure secure configuration, deployment, and management of endpoint protection (SentinelOne). Collaborate with the IT infrastructure team to ensure secure configurations across firewalls, switches, and network segments. Support network security improvements such as segmentation, least privilege network access, and secure remote access. Perform firewall rule reviews and contribute to network hardening efforts. Support secure configuration of identity platforms. Enforce role-based access controls, privileged access hygiene, and identity hardening standards. Work with the MSSP to ensure vulnerability scans are properly executed and tuned. Validate findings, prioritize risk, and coordinate remediation work with system and network teams. Lead patching and configuration remediation efforts for high-risk assets. Work with developers to identify, prioritize, and fix security issues (OWASP Top 10). Conduct security reviews of applications and servers. Collaborate with OT engineers to understand legacy systems, PLCs, and plant-floor constraints and assist in implementation of OT network segmentation and ICS security controls. Actively monitor emerging threats affecting OT and IT environments. Conduct periodic threat modeling for high-risk applications and systems. Required Qualifications 5-8+ years of experience in IT security engineering, SOC, or incident response roles. Strong hands-on experience with: Windows Server and client security; Network and firewall security; Endpoint security tools; MFA and identity systems. Strong knowledge of Active Directory and identity security best practices. Practical experience hardening servers, endpoints, and network devices. Familiarity with log analysis and security event triage. Comfort working directly with SOC alerts and vulnerability scan reports. Understanding of security frameworks (NIST CSF, CIS Controls, SOC 2). Strong documentation habits and process-oriented mindset. Preferred Qualifications Experience in manufacturing, industrial, or OT/ICS environments. Working knowledge of PLCs, or ISA/IEC 62443 principles. Familiarity with Office 365 security configuration and best practices. Experience automating workflows using PowerShell or Python. Exposure to segmentation projects or Zero Trust principles. Relevant certifications: GSEC, GCED, GCIH, GDSA, GDAT, GICSP, GCIP, and GRID Work Authorization Notice: Please note that we do not provide visa sponsorship or immigration support for this position. Applicants must already be authorized to work in the United States on a full-time, permanent basis without the need for current or future sponsorship. The salary for this position is determined by a combination of experience, skills, and education level. The compensation range is $125K-135k annually.