IT Security Engineer

Take Your Corporate Career to the Next Level

Kleinfelder a Forbes Top Employer for Engineers in North America is committed to a people-first culture technical excellence and creating opportunities where employees can thrive!

Are you ready to be challenged make a difference and experience professional growth in your career Kleinfelders Corporate Services team is looking for you! From Accounting & Finance Human Resources Marketing & Communications and Information Technology to Legal and Health & Safety our corporate employees are part of the Kleinfelder ecosystem supporting the projects that improve the communities we work and live in.

Step into Your New Role

In this highly visible fast-paced and challenging position where you will collaborate with multidisciplinary team of dedicated IT professionals. You will have the opportunity to work with cutting edge security solutions. Our security team is responsible for designing implementing managing and monitoring the overall security posture of the organization. We partner with teams across the company to continually optimize our security posture while maintaining a hyper focus on the reliability and stability of our business environments.

Responsibilities:

• Partners Security Manager to create and maintain security architecture strategy road map.
• Develops and implements security tools to assist in detection prevention and analysis of security threats.
• Acts as the subject matter expert for Kleinfelders identity access management program for both internal and external identities as well as design implement and support IAM best practice configurations.
• Partner with DevOps and engineering teams to embed security controls into CI/CD pipelines and application architectures ensuring securebydesign implementations throughout the Software Development Lifecycle (SDLC).
• Manages Kleinfelders vulnerability management program and partners with other IT members to discover/remediate system vulnerabilities documents results and provides recommendations to minimize risks.
• Acts as technical leader for the implementation of security projects that require compliance with customer and corporate policies and standards.
• Represent security during the change advisory board (CAB) and software approval board to review and approve changes in software hardware facilities telecommunications and user needs.
• Monitors tunes and responds to Security Information Event Management (SIEM) security incidents e.g. system compromise loss of confidentiality authentication problems etc.
• Conducts internal and external security audits 3^rd party risk assessments and security analyses to align with compliance standards.
• Documents maintains and updates cybersecurity policies and procedures working closely with other internal IT stakeholders.
• Recommends and installs upgrades to security controls to mitigate risks.
• Researches and evaluates new security technology techniques and industry best practices to minimize threats and vulnerabilities.
• Assist with day-to-day cybersecurity responsibilities including managing the spam mailbox security awareness training and security incident tickets.
• Support internal audits and customer assessments to identify risks and determine mitigation actions.
• Understands and participates in incident response including steps to minimize the impact and conduct a technical and forensic investigations.
• Generates monthly security reports which demonstrates overall security maturity.

Required Skill/Experience:

• Bachelors degree or equivalent experience
• 7 years of progressive information security experience supporting enterprise environments.
• 5 years of handson experience designing implementing and supporting Active Directory and Azure Active Directory including multifactor authentication (MFA) single signon (SSO) conditional access policies and password security controls.
• 3 years of experience supporting security operations including incident response investigation and remediation through a ticketing or helpdesk system.
• 3 years experience working with DevOps and engineering teams to integrate security into the Software Development Lifecycle (SDLC) rather than performing afterdeployment reviews.
• 2 years of experience leading or contributing to technical security initiatives collaborating across multiple departments and external IT vendors to drive security improvements.
• Handson experience implementing security controls within CI/CD pipelines (e.g. Azure DevOps or Gitbased workflows) including secure build deployment and change management practices.
• Experience designing reviewing or securing Infrastructure as Code (IaC) deployments (e.g. ARM Bicep Terraform) with a focus on preventing misconfiguration and enforcing guardrails prior to deployment.
• Experience supporting or securing APIbased solutions including systems using Azure API Management (APIM) for authentication authorization and traffic control.
• Experience securing Microsoft Power Platform solutions including Power Apps Power Automate and Dataverse with an understanding of environment security access controls and data protection models.
• Strong experience conducting thirdparty/vendor risk assessments with the ability to clearly communicate technical risks and remediation options to IT and engineering staff.
• Experience managing configuring and supporting Microsoft advanced threat protection and security monitoring technologies.
• Working knowledge of Microsoft Information Protection including sensitivity labels data classification and Microsoft Compliance Center configurations.
• Ability to translate security requirements into clear actionable technical guidance for engineers and IT teams supporting riskbased decisionmaking.
• Excellent organizational and communication skills.
• Must be a team player flexible and willing to undertake a wide variety of challenging tasks.
• Able to work independently with guidance and direction as appropriate.

Following an offer candidates will be required to satisfactorily complete employment reference checks verification of professional licensure and/or educational credentials a motor vehicle report (MVR) and a comprehensive background check.

Move Forward with Kleinfelder:

Kleinfelder and its subsidiaries and affiliates has been connecting great people to the best work since 1961. We are engineers scientists and construction professionals providing solutions that improve our clients transportation water energy and other private infrastructure. As a responsive cross-disciplinary team of bright curious and innovative problem-solvers we are dedicated to doing the right thing every day on every project from over 110 offices in the US Canada and great people to the best work is our purpose together we deliver.

Progress with an Employer that Values You

Kleinfelder and its subsidiaries and affiliates is an inclusive organization free from discrimination. We are a stronger organization when we are a diverse workforce and believe that through diversity equity and inclusion comes creativity innovation and unity. We are proud to offer the following:

Benefits:Kleinfelder and its subsidiaries and affiliates offers an excellent compensation and benefits package including: medical dental vision life insurance 401(k) plan and paid holidays.

The expected salary range for the position is displayed in accordance with the California Pay Transparency Law. Final agreed upon compensation is based upon individual qualifications and experience. Salary Range:$75850-$126585

Career Development:We are committed to investing in the professional development of our staff offering each employee every opportunity to grow develop and take control of their career paths. We support these efforts through reimbursements for continuing education as well as many of the expenses associated with trainings and certifications and opportunities for career development through our internal Mentoring Program.

Equal Opportunity:Kleinfelder and its subsidiaries and affiliates is an Equal Opportunity Employer Minorities/Women/Disabled/Veterans. (Compliant with the new VEVRAA and Section 503 rules)

NOTICE TO THIRD PARTY AGENCIES

Please note that Kleinfelder and its subsidiaries and affiliates does not accept unsolicited resumes from recruiters or employment the absence of a signed Recruitment Fee Agreement Kleinfelder and its subsidiaries and affiliates will not consider or agree to payment for any referral compensation or recruiter the event a recruiter or agency submits a resume or candidate without a previously signed agreement Kleinfelder and its subsidiaries and affiliates explicitly reserves the right to pursue and hire those candidate(s) without any financial obligation to the recruiter or agency. Any unsolicited resume including those submitted to hiring managers are deemed to be the property of Kleinfelder.