Security Engineer; Hybrid

Are you a self-driven person looking to advance your career as a high-impact player on a team? If so, we have an exciting challenge for you and your future!

Our culture is built on value commitments to innovation, quality, results, integrity, community, people, and collaboration that fosters a strong employee engagement, teamwork, safety and wellness. We offer a competitive benefits package that includes health, dental, vision, wellness programs, employee discounts, retirement plans, tuition reimbursement, ongoing development, advancement opportunities and more.

Founded in 1846, today HP Hood is one of the largest and most trusted food and beverage manufacturers in the United States. Our portfolio of national and super-regional brands and licensed products includes Hood, Heluva Good, Lactaid, Blue Diamond Almond Breeze, Planet Oat and more.

We are unable to offer sponsorship or relocation assistance for this position at this time.

The Security Engineer supports the organization's security posture across infrastructure, applications, cloud services, and user access. This role focuses on implementing security controls, monitoring and responding to threats, improving system hardening, reducing attack surface, and driving security capabilities across the enterprise. The engineer collaborates closely with IT and business teams to ensure secure design, configuration, and operation of systems. The position requires a broad grounding across security domains.

• Implement, administer, and support security controls across cloud, on‑prem, and SaaS environments, ensuring secure configuration, hardening, and ongoing compliance.
• Manage and maintain cloud security tooling, configuration baselines, and policies, including URL filtering, SSL inspection rules, safelists, access controls, and policy updates, ensuring proper enforcement and alignment with organizational requirements.
• Administer and support endpoint protections (EDR/AV, XDR).
• Oversee identity lifecycle activities across enterprise systems, including account provisioning, role changes, SSO configurations, and travel or access exceptions for identity‑connected systems.
• Implement and support Conditional Access rules and Zero Trust policies, coordinating with IT and business units for impact analysis where necessary.
• Support MDM configurations, mobile device policy enforcement, and device compliance baselines.

• Monitor and investigate security alerts across XDR, EDR, cloud‑native logs, email security, and other detection platforms.
• Perform investigation into suspicious activity, phishing, abnormal user behavior, or endpoint anomalies, escalating as appropriate.
• Collaborate with the MDR provider to tune detections, resolve escalations, and improve visibility across the environment.
• Participate in the notification tree for incident response activities, including containment, triage, and documentation.
• Support ongoing improvements to detection visibility, monitoring coverage, and threat‑related process enhancements.

• Assist with regular vulnerability scans, ensuring results are distributed, prioritized, and tracked to remediation.
• Work with IT, application owners, and engineering teams to ensure patching, configuration, and remediation efforts are completed.
• Monitor configuration drift, GPO proposal reviews, and baseline deviations, coordinating with responsible teams for corrections.
• Identify and reduce attack surface across cloud resources, identities, endpoints, and user access pathways.

• Maintain and update SOPs, playbooks, actionable incident reports, investigation summaries, configuration documentation, and technical runbooks for recurring tasks and incident handling.
• Collaborate with IT, network, and application teams to drive secure design, troubleshoot issues, and ensure security requirements are incorporated into ongoing projects.
• Stay current with emerging threats, evolving cloud features, and industry best practices to continuously strengthen…