Job Description
Job Title : Security Engineer
Department : Technology
Reports To : VP of Technology
Pay Range : $150,000 - $175,000 per year, depending on experience
FLSA Status : Exempt
WHO WE ARE :
Bay State Milling Company is a family-owned leader in grain-based food ingredients, proudly serving the industry since 1899. For over 125 years, we’ve been on a mission to promote the growth of nutritious, sustainable, and accessible food choices. Our portfolio spans flours, grains, seeds, and innovative plant-based ingredients, all crafted to meet evolving consumer demands for healthfulness, great taste, and affordability.
Rooted in five generations of ownership, we combine deep milling expertise with forward-thinking innovation. From our flagship mill in Winona, Minnesota to facilities across North America, we partner with growers and customers to deliver quality and trust at every step. Guided by our core values—Integrity, Creativity, Collaboration, Caring, and Quality—we relentlessly pursue better for the food system and the communities we serve.
JOB SUMMARY :
The Security Engineer plays a critical role in safeguarding Bay State Milling’s digital assets, infrastructure, and data. This position is responsible for designing, implementing, and maintaining security solutions that protect against cyber threats and ensure compliance with industry standards and regulatory requirements. The Security Engineer collaborates closely with all areas of the technology team and business stakeholders to assess risks, respond to incidents, and continuously improve the company’s security posture.
ROLE & RESPONSIBILITIES :
- Design and implement secure network, system, and application architectures.
- Evaluate and deploy security tools, technologies, and frameworks.
- Monitor systems for security breaches and investigate incidents.
- Lead response efforts for security events, including containment, remediation, and reporting.
- Conduct regular vulnerability assessments and penetration testing.
- Coordinate remediation efforts with infrastructure and application teams.
- Ensure compliance with internal policies, industry standards (e.g., NIST, ISO 27001), and regulatory requirements.
- Support audits and risk assessments and maintain documentation of security controls.
- Develop and deliver security awareness programs for employees.
- Provide guidance and training to technical teams on secure coding and system hardening.
- Manage and enforce identity and access controls across systems and applications.
- Implement role-based access and least privilege principles.
- Integrate security into cloud environments and CI/CD pipelines.
- Collaborate with Development teams to embed security into development workflows.
- Stay current with emerging threats, technologies, and best practices.
- Recommend and implement improvements to security policies, procedures, and tools.
MINIMUM EDUCATION & WORK REQUIREMENTS :
- Bachelor’s degree in Computer Science, Information Security, Cybersecurity, or a related field.
- Minimum of 5 years of firsthand experience in cybersecurity engineering, security operations, or related technical roles.
- Preferred certifications can include CISSP, CISM, or Cybersecurity Architect.
- Proven experience with security technologies such as firewalls, SIEM, IDS/IPS, endpoint protection, and cloud security platforms.
- Experience working in hybrid & cloud-native environments (e.g., AWS, Azure, GCP).
- Familiarity with secure software development practices and DevSecOps integration.
KNOWLEDGE, SKILLS, AND ABILITIES :
- Strong understanding of network protocols, operating systems (Windows, Linux), and cloud infrastructure.
- Deep knowledge of cybersecurity frameworks (e.g., NIST, MITRE ATT&CK, ISO 27001).
- Experience with SIEM platforms (e.g., Splunk, Sentinel), EDR solutions, and threat intelligence tools.
- Ability to assess and mitigate risks in complex enterprise environments.
- Strong analytical and problem-solving skills with attention to detail.
- Excellent communication skills, with the ability to translate technical risks into business impact.
- Ability to work independently and collaboratively in cross-functional teams.
- Familiarity with regulatory requirements such as GDPR or CCPA.
- Experience with container security (e.g., Kubernetes, Docker) and infrastructure-as-code (e.g., Terraform, CloudFormation).