Security Engineer

Posting Details Posted: May 31, 2023 Full-Time Locations Showing 1 location Atlanta 1315 Peachtree Street NE Atlanta, GA 30309, USA Atlanta 1315 Peachtree Street NE Atlanta, GA 30309, USA Austin 310 Comal St. Suite 100 Austin, TX 78702, USA Austin 310 Comal St. Suite 100 Austin, TX 78702, USA Boston 225 Franklin Street Suite 1100 Boston, MA 02110, USA Boston 225 Franklin Street Suite 1100 Boston, MA 02110, USA Charlotte 128 S. Tryon St. Suite 500 Charlotte, NC 28202, USA Charlotte 128 S. Tryon St. Suite 500 Charlotte, NC 28202, USA Chicago 410 North Michigan Avenue Suite 1600 Chicago, IL 60611, USA Chicago 410 North Michigan Avenue Suite 1600 Chicago, IL 60611, USA Dallas 2218 Bryan Street Suite 200 Dallas, TX 75201, USA Dallas 2218 Bryan Street Suite 200 Dallas, TX 75201, USA Durham 411 W. Chapel Hill Street Suite 200 Durham, NC 27701, USA Durham 411 W. Chapel Hill Street Suite 200 Durham, NC 27701, USA Houston 1001 McKinney Suite 1300 Houston, TX 77002, USA Houston 1001 McKinney Suite 1300 Houston, TX 77002, USA Miami 2800 Ponce De Leon Blvd. Suite 1300 Coral Gables, FL 33134, USA Miami 2800 Ponce De Leon Blvd. Suite 1300 Coral Gables, FL 33134, USA Minnesota IDS Center, 80 South Eighth Street Suite 300 Minneapolis, MN 55402, USA Minnesota IDS Center, 80 South Eighth Street Suite 300 Minneapolis, MN 55402, USA Washington DC 1222 22nd Street NW Suite 200 Washington, DC 20037, USA Washington DC 1222 22nd Street NW Suite 200 Washington, DC 20037, USA +10 more less Job Details Description Perkins&Will is an interdisciplinary, research-based architecture and design firm founded on the belief that design has the power to transform lives and enhance communities. Recognized as one of the world’s top global design firms, we focus on innovative research and design expertise to influence buildings and ideas that honor the broader goals of society. Our world-class planning, design, engineering, and project management firms are dedicated to achieving our clients’ ambitions and supporting sustainable communities worldwide. We aim to connect people, places, and communities by providing innovative solutions to the world’s most complex engineering and design challenges.  Our network is united by a commitment to providing clients with multi-disciplinary solutions rooted in quality, innovation, collaboration, and sustainability. Reporting to the Director of Enterprise Infrastructure, the Security Engineer will be responsible for ensuring the security and integrity of our organization's systems, networks, and data. You will play a crucial role in identifying potential vulnerabilities, implementing robust security measures, and developing strategies to protect our digital assets from unauthorized access and cyber threats. This position requires exceptional communication, collaboration, and technical skills to drive the rapid security maturation of our exceptional IT teams. This is a hands-on role that will include implementing all aspects of digital security, and in some cases, physical facilities’ privacy standards. Leadership in building a secure environment and culture is also expected. Qualifications:  3-5 years proven work experience as a security engineer or working with technical security strategies at a senior level, Prefer previous helpdesk and infrastructure experience as well.  Relevant certifications such as CISSP, GIAC, CISM, or CEH are highly desirable.  In-depth knowledge and hands-on experience with Microsoft's Defender suite, including Defender Advanced Threat Protection (ATP), Defender for Identity, Defender for Cloud Apps, Sentinel and related components are highly desirable.  Provide guidance and mentorship to Infrastructure and Helpdesk staff team members to help grow the Security team.  Thorough understanding of web development and application security preferred.  Deep understanding of network protocols, firewalls, VPNs, IDS/IPS, SIEM, DLP, PAM, IAM and other security technologies.  Familiarity and experience with computer forensics  Strong communication and interpersonal skills, with the ability to effectively convey complex security concepts to technical and non-technical stakeholders.  Familiarity with standards such as NIST, CMMC, ISO 27001, GDPR, CPRA, or other compliance frameworks and experience implementing corresponding policies and controls.  Strong knowledge of vulnerability assessment tools, penetration testing methodologies, and risk assessment frameworks. Responsibilities:  Design and implement secure operations and systems in a creative environment where security has not traditionally been a priority.  Develop, implement, and maintain comprehensive security strategies, policies, and procedures to safeguard the organization's systems, networks, and data.  Serve as the primary point of contact and liaison for our Security Operations Center (SOC) partner, ensuring effective collaboration, communication, and coordination of security incident response efforts.  Investigate and analyze security incidents, conduct forensic analysis and provide incident response to minimize the impact of security breaches. Update incident response and Disaster Recovery documentation accordingly.  Formalize and lead an incident response team, including training and testing.  Administer security awareness training program for employees to promote a culture of security and ensure compliance with security policies and procedures. Hold workshops with stakeholders to secure processes and data flow.  Design, deploy, and maintain, in conjunction with the IT Infrastructure team, advanced security solutions, including firewalls, endpoint detection and response (EDR), data loss prevention (DLP) tools, Security Information and Event Management (SIEM) systems, Identity Access Management (IAM), and Privileged Access Management (PAM) systems. Collaborate with and manage external security vendors, consultants, and auditors to perform security assessments and ensure compliance with relevant regulations and standards.  Define security standards for outside vendors, partners, and subcontractors. Plan and implement security questionnaires.  Participate in reviewing client security requirements and respond to security questionnaires from clients.  Key contributor for designing and maintaining compliance with standards such as ISO 27001, NIST 800-171, CMMC, and any other standards or frameworks that the company adopts.  Work cooperatively with the application development, Infrastructure, and Helpdesk teams to mitigate security risks.    ***This position can be located in any US Perkins&Will studio location.*** Qualifications Skills Behaviors : Motivations : Education Experience Licenses & Certifications Equal Opportunity Employer/Protected Veterans/Individuals with Disabilities The contractor will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with the contractor’s legal duty to furnish information. 41 CFR 60-1.35(c)