Title: Senior SailPoint ISC Security Engineer Location: Tampa United States Job Description: This role is Home-Based, not on-site. Make a Difference in YOUR Career! Our vision is both simple and ambitious: to put our drinks on every table. We are the leading global independent beverage solutions provider. We serve a broad range of national and international retailers as well as Global, National and Emerging (GNE) brands. Our products are distributed worldwide from our production sites in Europe, North America, and Australia. Although our own branding may not appear on the labels of the beverages we produce, there is a good chance you are reading this while sipping one of our drinks. Our ambition is to continually improve and it's what keeps us at the top of our game. We are solutions-based. We are innovative. We seek out new challenges and conquer them. This is our company ethos, but it's our people's too: Refresco is at the cutting edge of a fast-moving industry because we have passionate people pushing the boundaries of what's best. Stop and think: how would YOU put our drinks on every table? We are seeking a highly motivated and experienced Senior SailPoint Identity Security Cloud (ISC) Engineer to join our team. In this role, you will be responsible for designing, implementing, and maintaining a robust identity and access management (IAM) framework using the SailPoint ISC platform. This role requires deep technical expertise in SailPoint ISC and a proven track record of successfully integrating it within complex enterprise environments. Core Responsibilities The primary duties of a SailPoint ISC Engineer will include the following: - Implementation and Configuration: Lead the end-to-end implementation and deployment of SailPoint ISC solutions. This involves configuring custom rules, workflows, and policies to align with our specific security and compliance needs. - Application Onboarding and Integration: Design, build, and maintain a wide range of connectors for various systems, including: - On-premise or data center hosted applications. - Software as a Service (Saas) based applications - Infrastructure layer applications (e.g., OS and database systems). - SAP Integration Expertise: Specialize in building and maintaining connectors with SAP, including S/4HANA and GRC, including configuring and supporting Segregation of Duties (SOD) checks against the GRC ruleset. - ITSM Integration: Design processes and build connectors with an IT Service Management (ITSM) system (Xurrent preferred) to streamline access provisioning and termination workflows. - Develop a feedback mechanism to automatically deliver a summary of SailPoint ISC activities back to the originating ITSM ticket, facilitating efficient ITSM ticket closure. - Non-Employee Risk management (NERM) Module Administration: Configure and maintain the SailPoint ISC NERM module, establishing it as the authoritative source for managing contractor and vendor identities. - Identity Lifecycle Management and Certifications: Configure and maintain SailPoint ISC for automated joiner, mover, and termination processes as originating from the HR system, Active Directory and NERM authoritative sources. This also entails configuring user and privileged access review certification campaigns that support Refresco's security and compliance framework. - Troubleshooting and Support: Provide technical expertise to troubleshoot and resolve complex issues related to the SailPoint ISC platform, integrations, and user access. Required Skills and Competencies: - Demonstrative leadership designing and delivering SailPoint ISC solutions to support Identity and Access Management (IAM) and security governance frameworks - A strong aptitude for troubleshooting complex access issues that span across multiple integrated platforms. - Proactive analysis of process, prospective enhancements, and future functionality - Strong communication skills, and ability to integrate and collaborate seamlessly with application teams, business process owners, consultants and auditors to align identity governance with business needs and compliance requirements - Strong expertise building Functional and Technical Specifications Documents - Expertise developing security and access management process flows Education, Certifications and Preferred Experience: - Undergraduate degree in Information Technology/Systems, - 5+ Years of proven experience configuring and maintaining SailPoint ISC (or related SailPoint IAM solutions). - Experience building IAM processes and connectors with Xurrent (ITSM), Active Directory UKG Pro and SAP systems - SailPoint Identity Security Cloud Engineer Certification Travel Requirements: - Acceptance of home-based policy - Travel as request by leadership, not to exceed 25% per annum - Travel to Tampa two weeks per month for the first 3 months of employment for orientation and onboarding. A Career with Refresco Refresco is passionate about empowering leaders who reflect our core values and live by our leadership behaviors. These behaviors encourage effective leadership within the business, and focus on leading courageously, empowering individuals, and driving company growth as one team. Joining our team as a people manager means you'll be encouraged to evolve as a leader who prioritizes the success of both you and your team, to deliver results, whilst bringing your authentic self to work. Refresco Beverages US Inc. offers the following competitive pay and comprehensive benefits: Pay Range: $142,000k - $180,290k, plus eligibility for performance-based bonuses based on company objectives. Status: Exempt - Medical/Dental/Vision Insurance - Health Savings Accounts and Flexible Spending Accounts - Life and AD&D Insurance, critical illness, hospital indemnity, and accident insurance - Short-term disability and long-term disability - Pet Insurance - Legal Benefits - 401(k) Savings Plan with Company Match - 12 Paid Holidays - 10 Vacation Days and 5 Paid (Sick) Time Off Days - Well-being Benefit - Discount and Total Reward Programs The applicant who is hired will receive wages within the range that will be based on several factors, including, as applicable, criteria such as years and type of experience, relevant education, training, qualifications, certifications/licensing, skills, geographic location, performance, market considerations, seniority system, merit system, systems that measure earnings by quantity or quality of production, and business or organizational needs. Application deadline: September 15th, 2026 (the application deadline is a good-faith estimate and may be extended in certain circumstances) How to apply: Please visit our careers site at https://www.refresco-na.com/na/careers/ Join Refresco TODAY and enjoy a rewarding CAREER! Any employment agency, person, or entity that submits a résumé to this career site or a hiring manager does so with the understanding that the applicant's résumé will become the property of Refresco Beverages US, Inc.  Refresco Beverages, US Inc., will have the right to hire that applicant at its discretion without any fee owed to the submitting employment agency, person, or entity. Employment agencies that have agreements with Refresco Beverages US, Inc., and have been engaged in a search shall submit a résumé to the designated Refresco recruiter or, upon authorization, submit a résumé to this career site to be eligible for placement fees. Refresco Beverages US Inc. is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, ancestry, religion, sex, national origin, sexual orientation, age, marital status, disability, gender identity, gender expression, Veteran status, or any other classification protected by federal, state, or local law.

Title: SAP Security Manager Location: Modesto United States Job Description: Job Req ID: 107203 Job Type: Full-time Work Category: Hybrid Telecommute Sponsorship: Not Available Compensation: $ 151,000 - $ 226,600 Gallo Privacy Policy We are GALLO We're a family-owned company with a 90+ year legacy, that's consistently recognized as a Glassdoor "Best Places to Work." We have 130+ brands in our total alcohol beverage portfolio including wine, malt, spirits, and ready-to-drink beverages. We're home to the #1 wine and spirits brands in the U.S. - Barefoot Wine & High Noon and are the official sponsors of the NFL, NHL, UFC, and PGA of America. View our Corporate Values and Mission Statement here. A Taste of What You'll Do At Gallo, we believe great security enables great business. As an SAP Security Manager, you'll play a critical role in protecting and enabling our SAP landscape while leading a team that partners closely with IT and the business. This role sits at the intersection of governance, risk, compliance, and operational excellence-ensuring the right access, the right controls, and the right outcomes. You'll guide and develop a team of SAP Security Administrators and Analysts, providing both strategic direction and hands-on expertise. From designing and maintaining security roles to supporting GRC processes and audit readiness, your work will directly impact how our systems support finance, supply chain, customer management, and beyond. You'll collaborate with functional and technical partners to embed strong access controls into evolving business processes while adapting to new technologies and platforms. This is an opportunity to shape SAP security practices across development, testing, and production environments while helping Gallo maintain compliance with IT general controls and regulatory expectations. You'll influence standards, improve processes, and contribute to the long-term SAP security strategy-all while modeling intrapreneurship, ownership, and accountability. If you thrive in a leadership role where trust, collaboration, and continuous improvement matter, this is your chance to make a lasting impact. What You'll Need - Master's degree in Information Security, Cybersecurity, Computer Science, Business Administration, MIS, Mathematics, or Engineering plus 5 years of experience spanning at least two IT disciplines, including Information Security, Technical Architecture, Network Management, Application Development, Middleware, Database Management, Business Intelligence, or Operations reflecting increasing levels of responsibility; OR Bachelor's degree in Information Security, Cybersecurity, Computer Science, Business Administration, MIS, Mathematics, or Engineering plus 7 years of experience spanning at least two IT disciplines, including Information Security, Technical Architecture, Network Management, Application Development, Middleware, Database Management, Business Intelligence, or Operations reflecting increasing levels of responsibility; OR High school diploma or State-issued equivalency certificate plus 11 years of experience spanning at least two IT disciplines, including Information Security, Technical Architecture, Network Management, Application Development, Middleware, Database Management, Business Intelligence, or Operations reflecting increasing levels of responsibility. - Required to travel to company offices, sites, and/or meeting locations for onboarding, training, meetings, and events for development, department needs, and business delivery up to 5% of the time, with or without reasonable accommodation. This may be in addition to travel requirements, if applicable, as listed in this job description. - Required to be 18 years or older. This may be in addition to other age requirements, if applicable, as listed in this job description. How You'll Stand Out - Master's degree in Information Security, Cybersecurity, Computer Science, Business Administration, MIS, Mathematics, or Engineering plus 7 years of experience spanning at least two IT disciplines, including Information Security, Technical Architecture, Network Management, Application Development, Middleware, Database Management, Business Intelligence, or Operations reflecting increasing levels of responsibility; OR Bachelor's degree in Information Security, Cybersecurity, Computer Science, Business Administration, MIS, Mathematics, or Engineering plus 9 years of experience spanning at least two IT disciplines, including Information Security, Technical Architecture, Network Management, Application Development, Middleware, Database Management, Business Intelligence, or Operations reflecting increasing levels of responsibility; OR High school diploma or State-issued equivalency certificate plus 13 years of experience spanning at least two IT disciplines, including Information Security, Technical Architecture, Network Management, Application Development, Middleware, Database Management, Business Intelligence, or Operations reflecting increasing levels of responsibility. - 7 years of experience with SAP GRC Access Control/Process Controls Suite, including implementation, upgrades, or rollouts, with hands-on implementation skills across ARA, EAM, ARM, and BRM modules. - Experience supporting SAP ECC or S/4HANA security implementations or operations, including SOD conflict resolution, role design, user administration, and Fiori or SAP HANA-enabled environments. To View the complete job description please click here. Our Benefits & Perks We are committed to providing competitive compensation, perks, and a culture that supports your well-being. Benefits depend on your work category and may include medical and dental coverage, 401k plans, profit sharing, pet insurance, company holidays, access to an employee wine shop, and more! Additional information will be provided before your first interview. The Fine Print - The Company does not sponsor for employment-based visas for this position now or in the future. - Actual compensation paid within the range will be determined by factors such as the education, experience, knowledge, skills and abilities of the applicant, internal equity, and alignment with market data. In addition to the salary, this position may be eligible for bonuses, incentive plans, or participate in tasting room tip pools, as applicable. - This position will be based in the location(s) specified in the job posting with an option for occasional telecommuting. You will be expected to live within a commutable distance. - It is the Company's policy for job postings to be open to internal candidates for a minimum of 5 days and to external candidates, if applicable, for a minimum of 3 days. Gallo's policy is to afford equal employment opportunities to all applicants and employees and not to discriminate on the basis of race, traits associated with race, including but not limited to, hair texture and protective hairstyles (such as braids, locks, and twists), color, national origin, ancestry, creed, religion, physical disability, mental disability, medical condition as defined by applicable state law (including cancer and predisposing genetic characteristics), genetic information, marital status, familial status, sex, gender, gender identity, gender expression, sexual orientation (actual or perceived), transgender status, sex stereotyping, pregnancy, childbirth or related medical conditions, reproductive health decision making, age, military or veteran status, domestic violence or sexual assault victim status, or any other basis protected by applicable law. Nor will Gallo discriminate based on a perception that an individual has any of the foregoing characteristics or is associated with a person who has, or is perceived to have, any of those characteristics. Gallo will comply with state and local laws prohibiting discrimination for lawful out-of-work behavior, such as off-duty use of cannabis away from the workplace (subject to federal and state law exceptions), the existence of non-psychoactive cannabis metabolites in hair, blood, urine, or other bodily fluids as determined by a drug screening test (subject to federal and state law exceptions). We also consider qualified applicants with criminal histories, consistent with applicable federal, state and local law. Gallo is committed to providing reasonable accommodation for candidates with disabilities in our recruiting process. If you need any assistance or accommodation due to a disability, please let us know at 209.341.7000. Gallo is enrolled in the Department of Homeland Security's E-Verify program and will use the program to verify the employment eligibility of all newly hired employees as required. E-Verify Notice Right to Work Employee Polygraph Protection Act

• Administer and manage Microsoft Entra (Azure AD), including identity governance, access policies, and directory services • Oversee endpoint management activities, ensuring device configuration, compliance, and lifecycle management • Manage Microsoft Defender for threat detection, response, and security monitoring • Configure, maintain, and troubleshoot VPN infrastructure to ensure secure and reliable remote connectivity • Own and maintain system integrations across the IT ecosystem, ensuring operational reliability and uptime • Manage corporate email infrastructure, including provisioning, configuration, and escalation resolution • Administer HubSpot and support CRM-related IT operational activities • Handle and resolve IT support tickets efficiently while maintaining service quality and SLA adherence • Support shipping label systems and related logistics platform integrations • Document operational processes, configurations, and runbooks to support scalability and knowledge management • Identify and mitigate operational risks proactively to strengthen IT resilience and security posture • Collaborate cross-functionally with internal teams and vendors to resolve issues and drive continuous improvement initiatives.

• Proactively engage with clients as a trusted advisor to understand security challenges and requirements and identify how they can be addressed by New Era and partner solutions. • Provide pre-sales support in collaboration with sales teams and ensure product and service selection meets customers’ business and technology needs. • Present and articulate New Era security value proposition to clients (including C-suite, with an emphasis on the CISO) on both a technical and business level. • Effectively communicate the capabilities of New Era security services. • Proactively monitor and assess industry/technology advancements and alliances, looking for ways to leverage existing capabilities and emerging technologies. • Define requirements, solutions and value propositions to hand off to Solutions Architects. • Work with Account Managers and Sales Directors to proactively establish presence in key client accounts. • Develop security solution profiles for top accounts and identify key influencers and decision-makers. • Own and develop relationships with key vendor contacts to stay current on vendor updates and to facilitate account mapping, deal registration, discounting and escalations. • Conduct security trainings to build outside sales team’s security and lead qualification capabilities. • Work with New Era Cybersecurity team to identify opportunities for consulting and hardware/software integration services. • Monitor competition by gathering current marketplace information on pricing, products, services, and delivery schedule. • Demonstrate industry thought leadership to attract clients and grow New Era’s market reputation in security.