Cloud Security Engineer

Are you a self-driven person looking to advance your career as a high-impact player on a team? If so, we have an exciting challenge for you and your future!

Our culture is built on value commitments to innovation, quality, results, integrity, community, people, and collaboration that fosters a strong employee engagement, teamwork, safety and wellness. We offer a competitive benefits package that includes health, dental, vision, wellness programs, employee discounts, retirement plans, tuition reimbursement, ongoing development, advancement opportunities and more.

Founded in 1846, today HP Hood is one of the largest and most trusted food and beverage manufacturers in the United States. Our portfolio of national and super-regional brands and licensed products includes Hood, Heluva Good, Lactaid, Blue Diamond Almond Breeze, Planet Oat and more.

We are unable to offer sponsorship or relocation assistance for this position at this time.

Job Summary:

The Security Engineer supports the organization’s security posture across infrastructure, applications, cloud services, and user access. This role focuses on implementing security controls, monitoring and responding to threats, improving system hardening, reducing attack surface, and driving security capabilities across the enterprise. The engineer collaborates closely with IT and business teams to ensure secure design, configuration, and operation of systems. The position requires a broad grounding across security domains.

Essential Duties and Responsibilities:

Security Engineering & Operations

• Implement, administer, and support security controls across cloud, on-prem, and SaaS environments, ensuring secure configuration, hardening, and ongoing compliance.
• Manage and maintain cloud security tooling, configuration baselines, and policies, including URL filtering, SSL inspection rules, safelists, access controls, and policy updates, ensuring proper enforcement and alignment with organizational requirements.
• Administer and support endpoint protections (EDR/AV, XDR).
• Oversee identity lifecycle activities across enterprise systems, including account provisioning, role changes, SSO configurations, and travel or access exceptions for identity-connected systems.
• Implement and support Conditional Access rules and Zero Trust policies, coordinating with IT and business units for impact analysis where necessary.
• Support MDM configurations, mobile device policy enforcement, and device compliance baselines.

Threat Detection, Monitoring & Incident Response

• Monitor and investigate security alerts across XDR, EDR, cloud-native logs, email security, and other detection platforms.
• Perform investigation into suspicious activity, phishing, abnormal user behavior, or endpoint anomalies, escalating as appropriate.
• Collaborate with the MDR provider to tune detections, resolve escalations, and improve visibility across the environment.
• Participate in the notification tree for incident response activities, including containment, triage, and documentation.
• Support ongoing improvements to detection visibility, monitoring coverage, and threat-related process enhancements.

Vulnerability & Configuration Management

• Assist with regular vulnerability scans, ensuring results are distributed, prioritized, and tracked to remediation.
• Work with IT, application owners, and engineering teams to ensure patching, configuration, and remediation efforts are completed.
• Monitor configuration drift, GPO proposal reviews, and baseline deviations, coordinating with responsible teams for corrections.
• Identify and reduce attack surface across cloud resources, identities, endpoints, and user access pathways.

Documentation, Collaboration & Continuous Improvement

• Maintain and update SOPs, playbooks, actionable incident reports, investigation summaries, configuration documentation, and technical runbooks for recurring tasks and incident handling.
• Collaborate with IT, network, and application teams to drive secure design, troubleshoot issues, and ensure security requirements are incorporated into ongoing projects.
• Stay current with emerging threats, evolving cloud features, and industry best practices to continuously strengthen the security posture.

Other:

• Participate in projects for the Information Security team, adhering to established timelines.
• Be an active member in evaluating new security technologies, assisting with proof-of-concepts, integration testing, and phased rollouts.
• Contribute to maturing operational security processes through documentation, process improvement, and repeatable workflows.
• Continue professional development by participating in educational opportunities; reading professional publications; maintaining personal networks; participating in professional organizations. Crosstrain on various business software applications and infrastructure used at the company.
• Travel (which will include overnights) to company sites, external vendors and training sites as needed.

Education and Experience:

• Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or a related field; or Equivalent experience (4–6 years hands-on security/IT engineering work)
• Solid understanding of cybersecurity fundamentals including:
  • Network security
  • Identity and access management
  • Cloud security concepts
  • Operating system hardening
  • Vulnerability management
  • Incident response lifecycle
  • Zero Trust principles
  • Strong grasp of security frameworks such as NIST CSF, NIST 800-53, CIS Controls, or ISO 27001.
• Relevant certifications a plus
• Hands on knowledge of SASE, SWG, CASB, and other ZeroTrust concepts. Experience with implementation a plus.

Skills and Competencies:

• Ability to learn/work with emerging technologies, methodologies, and solutions in the cloud/IT technology space.
• Possesses strong written and verbal communication skills.
• Establishes and maintains effective relationships. Strong customer service skills.
• Attention to detail; highly accurate.
• Highly organized and methodical; strong adherence to policies and procedures.
• Well established critical thinking skills.
• Ability to create effective, scalable, and sustainable processes and procedures in a rapid moving environment.
• Competent to develop, document and articulate incident and breach reports.

Exact compensation may vary based on skills, experience and location.

HP Hood is an Equal Opportunity Employer

Female/Minority/Veteran/Disabled

"VERVRAA Federal Contractor"

Privacy Policy

CCPA

For Applicants in Massachusetts - It is unlawful in Massachusetts to require or administer a lie detector test as a condition of employment or continued employment. An employer who violates this law shall be subject to criminal penalties and civil liability.

Employment is subject to verification of an applicant’s identity and eligibility for employment in the United States as required by immigration laws. We are unable to assist with sponsorship at this time.