Security Engineer

Who We Are

The Wing Group is a global leader in engineered solutions for demanding environments, bringing together a portfolio of trusted brands including Wing Inflatables, Mustang Survival, Henshaw Inflatables, Patten Company, and FabTek Industries. Across defense, marine safety, law enforcement, and industrial sectors, we design and manufacture mission-critical inflatable, flotation, and survival solutions that professionals trust to perform when it matters most.

From combat-ready rigid inflatable boats and inflatable structures to life-saving flotation devices and marine apparel, our products are engineered and tested to exceed the highest standards of safety, durability, and performance. With U.S. and Canadian-based manufacturing and a collaborative, hands-on culture, The Wing Group delivers purpose-built solutions for the world’s toughest environments. Join us in advancing safety, performance, and innovation—on the water and beyond.

What We Offer

• Comprehensive benefits package, including health and dental coverage.
• A collaborative and supportive culture within a trusted, market-leading organization.
• Opportunities to make a meaningful impact by driving growth and innovation in a dynamic and evolving industry to save lives.
  
  

What We Are Looking For

A Hands-on IT security engineer responsible for designing, implementing, and operating security controls across identity, endpoints, networks, cloud/SaaS, OT demarcations, and physical security systems.

The role leads incident response, hardens configurations, and drives continuous improvement.

RESPONSIBILITY

• Architecture & Hardening: Build secure baselines for in Azure/Entra, Threat locker, Tenable, Fortimanager. Implement Zero Trust principles. Develop and maintain PKI infrastructure.
• Detection & Response: Operate/tune Microsoft Security Center,Defender and Sentinel. Triage and contain malware, identity compromise, insider risk, and OT anomalies. Maintain IR runbooks and conduct post incident reviews.
• Vulnerability & Patch: Run scanning and configuration compliance; prioritize risk based remediation with clear SLAs. Ensure baselines stay updated
• Identity & Access: Enforce least privilege, role based access, and just in time admin; quarterly reviews with the Compliance Analyst. manage break glass accounts.
• OT Security (with OT Specialist): Apply ISA/IEC 62443 zoning; establish IT/OT demarcation, jump hosts, and controlled vendor access.
• Physical Security Integration: Standardize access control, CCTV, and intrusion. integrate door/video events into security monitoring; perform CPTED-informed risk reviews.
• Offensive Security: Plan/execute (or coordinate) penetration tests and social engineering campaigns; run red/purple team exercises; track remediation and retests.
• Resilience: Ensure immutable/offline backups and routine recovery tests for critical systems (including OT configs); participate in business continuity exercises.
• Automation: Automate repetitive and time-consuming tasks with scripting and integration. Reduce false alarms and increase speed of containment.
  
  

Requirements

• Relevant Degree or Diploma in IT Security
• 2 years in security engineering, operations or architecture in multisite environments (manufacturing preferred).
• Proficiency across IdP, UEM/MDM, EDR/XDR, SIEM, network security (firewalls, VPN/SD-WAN, NAC, ZTNA/SASE), email/DLP, and PKI.
• Demonstrated incident response leadership and runbook development.
• Experience conducting pentests and social engineering programs with remediations supported by policy changes.
• Working knowledge of common infosec standards (e.g., NIST CSF/800-53/800-171, ISO/IEC 27001, SOC 2, CMMC)
• Familiarity with privacy laws (e.g., PIPEDA/GDPR)
• Familiarity with export controls (e.g., ITAR/EAR/CGP)
• Exposure to OT environments and to physical security systems (access control, intrusion).
• Certifications such as Sec , CySA , CCNSE
• Experience coordinating working with 3rd party and government assessments.
  
  

Knowledge, Skills, And Abilities (ksas)

• Practical usage of frameworks and policy: uses MITRE ATT&CK/ICS to prioritize controls.
• Sees the Big Picture: integrates IT, OT, and physical security without disrupting operations.
• Standards focussed: Keeps things tidy and organized, updates the documentation and creates reusable runbooks.
• Continuous learning: Stay on top of the latest security technologies and trends.
• Collaboration & ownership: communicate actively with partners and other departments to drive security outcomes.