Building. Solving. Serving.
Security Controls Assessor
Location
United States
Posted
2 days ago
Salary
0
Seniority
Lead
Job Description
Cherokee Federal
- Provide independent assessments of MARAD information systems in support of system authorization, reauthorization, and continuous monitoring activities.
- Evaluate management, operational, and technical security controls in accordance with NIST Risk Management Framework (RMF) requirements.
- Support Authority to Operate (ATO) decisions.
- Develop assessment documentation and reports.
- Collaborate with MARAD, DOT, and cybersecurity stakeholders to ensure compliance, risk visibility, and mission assurance.
- Assess MARAD systems in one of three states: System Authorization: Initial Authorization, Reauthorization, or Continuous Monitoring Assessment (CMA).
- Provide annual assessment support to the NSMV and MARAD CIO programs.
- Conduct independent assessments of specified MARAD information systems following the System Authorization process.
- Execute and conduct analysis of network and systems to validate appropriate security control implementation.
- Develop security assessment plans and assessment reports compliant with the latest revisions of NIST Special Publication 800-53A Recommended Security Controls.
- Develop security assessment executive summary documents, including a summative presentation providing an overview of activities, findings, risks, and mitigation recommendations.
Job Requirements
- Bachelor's Degree in Cybersecurity or related IT field may be substituted for 4 years of experience
- Bachelor's Degree in an IT-related field.
- Certified Information Systems Auditor (CISA), Advanced in AI Audit (AAIA), or equivalent certification
- 12 years of related work experience
- Prior experience supporting US Navy or Coast Guard Maritime Cyber Assessments
- Clearance: Must possess or be able to obtain a Public Trust.
- Prior Department of Transportation experience is a plus.
- Must pass pre-employment qualifications of Cherokee Federal
Benefits
- Medical
- Dental
- Vision
- 401K
- Other possible benefits as provided. Benefits are subject to change with or without notice.




