SummaryWe are seeking a highly technical, hands-on
IT Security Engineer to help build and mature the cybersecurity program of a food & beverage manufacturing organization. This role is ideal for a driven, detail-oriented engineer who enjoys hardening systems, securing networks, performing technical investigations, and working side-by-side with IT and OT teams to improve our security posture.
You will be the primary "hands-on keyboard" technical resource supporting cybersecurity initiatives and will partner closely with our IT teams, and our MSSP SOC.
Key Responsibilities- Review alerts and escalations from the MSSP to validate severity, impact, and required actions.
- Conduct technical investigation steps and support containment, eradication, and recovery activities.
- Harden and secure Windows servers, Windows clients, virtual machines, and other IT infrastructure.
- Ensure secure configuration, deployment, and management of endpoint protection (SentinelOne).
- Collaborate with the IT infrastructure team to ensure secure configurations across firewalls, switches, and network segments.
- Support network security improvements such as segmentation, least privilege network access, and secure remote access.
- Perform firewall rule reviews and contribute to network hardening efforts.
- Support secure configuration of identity platforms.
- Enforce role-based access controls, privileged access hygiene, and identity hardening standards.
- Work with the MSSP to ensure vulnerability scans are properly executed and tuned.
- Validate findings, prioritize risk, and coordinate remediation work with system and network teams.
- Lead patching and configuration remediation efforts for high-risk assets.
- Work with developers to identify, prioritize, and fix security issues (OWASP Top 10).
- Conduct security reviews of applications and servers.
- Collaborate with OT engineers to understand legacy systems, PLCs, and plant-floor constraints and assist in implementation of OT network segmentation and ICS security controls.
- Actively monitor emerging threats affecting OT and IT environments.
- Conduct periodic threat modeling for high-risk applications and systems.
Required Qualifications- 5-8+ years of experience in IT security engineering, SOC, or incident response roles.
- Strong hands-on experience with: Windows Server and client security; Network and firewall security; Endpoint security tools; MFA and identity systems.
- Strong knowledge of Active Directory and identity security best practices.
- Practical experience hardening servers, endpoints, and network devices.
- Familiarity with log analysis and security event triage.
- Comfort working directly with SOC alerts and vulnerability scan reports.
- Understanding of security frameworks (NIST CSF, CIS Controls, SOC 2).
- Strong documentation habits and process-oriented mindset.
Preferred Qualifications- Experience in manufacturing, industrial, or OT/ICS environments.
- Working knowledge of PLCs, or ISA/IEC 62443 principles.
- Familiarity with Office 365 security configuration and best practices.
- Experience automating workflows using PowerShell or Python.
- Exposure to segmentation projects or Zero Trust principles.
- Relevant certifications: GSEC, GCED, GCIH, GDSA, GDAT, GICSP, GCIP, and GRID
Work Authorization Notice: Please note that we do not provide visa sponsorship or immigration support for this position. Applicants must already be authorized to work in the United States on a full-time, permanent basis without the need for current or future sponsorship.
The salary for this position is determined by a combination of experience, skills, and education level. The compensation range is $125K-135k annually.
#MCB
