Job Description:\n\nThis is an office based position with a base location in Louisville, KY. What the Role Is The Information Security Engineer is responsible for strengthening and supporting Heaven Hill’s cybersecurity program. This hands-on technical role focuses on implementation, monitoring, and continuous improvement of security controls across cloud and on-premise environments. The Engineer supports governance and risk management efforts and plays a key role in incident response and in deploying and maintaining secure technology solutions. This position will collaborate with IT and business units to ensure Heaven Hill’s data and systems remain resilient against evolving threats, while helping enable secure and efficient access through identity and access management solutions. This role is instrumental in advancing Heaven Hill’s overall security maturity and ensuring that cybersecurity enables, rather than limits, innovation and operational excellence. How You Will Spend Your Time? Security Engineering & OperationsDesign, implement, monitor, and maintain security controls across cloud, identity, endpoint, and network environments.Implement and manage Privileged Access Management (PAM) and Role-Based Access Control (RBAC) programs that align with business needs and support POLP (Principle of Least Privilege).Support and enhance Identity Management solutions, including user provisioning, Single Sign-On (SSO) integrations, and secure application configurations.Support secure configuration and hardening of Windows and Linux servers, as well as Windows and macOS workstations.Manage and maintain DNS and domain registrar configurations to ensure secure and reliable name resolution and domain integrity.Implement, integrate, and manage authentication, including Kerberos, FIDO2, Smart Cards, passkeys, certificate-based authentication, and TLS or key management solutions.Administer and support Public Key Infrastructure (PKI), including certificate issuance, renewal, and lifecycle management.Perform vulnerability scanning and coordinate remediation activities.Administer and optimize core security platforms such as endpoint detection and response (EDR) and security information and event management (SIEM) systems, including alert tuning, integration, and incident response support.Develop and maintain automation or scripting (e.g., PowerShell, Python) to improve efficiency in security monitoring, configuration management, and response processes.Monitor security events, investigate incidents, perform root cause analysis, and drive post-incident improvements.Collaborate with IT and business teams to ensure security considerations are integrated into infrastructure and project planning from the outset. Risk & GovernanceConduct and document formal risk assessments, identify, evaluate, and communicate risk mitigation strategies.Develop, update, and maintain cybersecurity policies, standards, and procedures aligned with the NIST framework.Partner across the business to build awareness, ensure accountability, and foster a risk-informed culture.Support security aspects of vendor assessments and technology evaluations. Collaboration & Continuous ImprovementProvide security guidance for new initiatives, integrations, and system changes.Contribute to incident response planning, tabletop exercises, and lessons-learned reviews.Develop, maintain, and refine security operations and incident response playbooks to support consistent and effective response activities.Stay informed on emerging threats, technologies, and best practices relevant to manufacturing and spirits production environments. Who You Are… Required Skills and Experience:Bachelor’s degree in Cybersecurity, Computer Science, Information Systems, or equivalent experience along with Information Technology related associate's degree.Minimum 5 years of experience in cybersecurity engineering and/or IT engineering.Strong cloud security experience, including the design input, configuration, and operation of controls in cloud and hybrid environments.Hands-on experience with Microsoft Entra ID (Azure AD), including Conditional Access, identity lifecycle management, and integration within hybrid Active Directory environments.Experience with enterprise email security, endpoint protection, network security, data protection.Experience implementing and managing Microsoft Purview for data protection, governance, and compliance.Experience supporting third-party risk management or vendor assessments.Strong understanding of identity, endpoint, and network security architectures and their integration across enterprise environments.Experience performing root cause analysis during and after security incidents.Experience developing or contributing to security documentation such as policies, standards, or procedures.Strong communication skills across technical and non-technical audiences.Experience in manufacturing or industrial environments.Familiarity with OT/ICS security principles, including network segmentation, asset visibility, and industrial protocol security. Valued but not Required Skills and Experience:Professional certifications such as CISSP, CISM, CRISC, or equivalent.Understanding secure application deployment or DevSecOps principles. Physical Requirements While performing duties of job, employee is occasionally required to:Stand; walk; use hands and fingers to handle or feel objects; use a computer; and reach with hands and arms.Occasionally lift and/or move up to 20 pounds. BenefitsPaid Vacation11 Paid HolidaysHealth, Dental & Vision eligibility from day oneFSA/HSA401K matchEAPMaternity/Paternity Leave Heaven Hill and its affiliates are committed to fostering a diverse workforce as an Equal Employment Opportunity company. We invite applications from candidates of all backgrounds, without regard to race, religion, color, sex, sexual orientation, natural origin, gender identity or expression, age, disability, veteran status, or any other legally protected characteristic.
...ll be doing: Working on metal stud framing, drywall installation and finishing, acoustical ceilings, and all aspects of commercial carpentry. What we're looking for: The perfect fit will need to have their own vehicle and a full set of hand tools. Ability to read blue...
Job Overview As a member of our management team, you will have the opportunity to contribute to the continuing success of a company that has grown from a single restaurant in 1972 to 82 today across Indiana, Illinois and Wisconsin! Our culture is dedicated to serving...
...Standards. Able to be prompt, courteous, and follow instructions when given assignments. QUALIFICATIONS: Graduation from high school supplemented by one year of clerical and keyboarding experience in an office setting or an equivalent combination of training and...
...million tickets available annually on our platform to events around the world -- from sports to music, comedy to dance, festivals to theater -- StubHub offers the safest, most convenient way to buy or sell tickets to the most memorable live experiences. Come join our team...
...We are seeking an Nurse Practitioner or Physician Assistant for a Permanent Urgent Care Clinic Opportunity in Picturesque North Eastern Oregon! This provider will be working in a Hospital owned Urgent Care Clinic seeing between 20 - 40 patients per day, scribe is provided...