Security Engineer
Perkins&Will is an interdisciplinary, research-based architecture and design firm founded on the belief that design has the power to transform lives and enhance communities.
Recognized as one of the world’s top global design firms, we focus on innovative research and design expertise to influence buildings and ideas that honor the broader goals of society.
Our world-class planning, design, engineering, and project management firms are dedicated to achieving our clients’ ambitions and supporting sustainable communities worldwide.
We aim to connect people, places, and communities by providing innovative solutions to the world’s most complex engineering and design challenges.
Our network is united by a commitment to providing clients with multi-disciplinary solutions rooted in quality, innovation, collaboration, and sustainability.
Reporting to the Director of Enterprise Infrastructure, the Security Engineer will be responsible for ensuring the security and integrity of our organization's systems, networks, and data.
You will play a crucial role in identifying potential vulnerabilities, implementing robust security measures, and developing strategies to protect our digital assets from unauthorized access and cyber threats.
This position requires exceptional communication, collaboration, and technical skills to drive the rapid security maturation of our exceptional IT teams.
This is a hands-on role that will include implementing all aspects of digital security, and in some cases, physical facilities’ privacy standards.
Leadership in building a secure environment and culture is also expected.
Qualifications :
- 3-5 years proven work experience as a security engineer or working with technical security strategies at a senior level, Prefer previous helpdesk and infrastructure experience as well.
- Relevant certifications such as CISSP, GIAC, CISM, or CEH are highly desirable.
- In-depth knowledge and hands-on experience with Microsoft's Defender suite, including Defender Advanced Threat Protection (ATP), Defender for Identity, Defender for Cloud Apps, Sentinel and related components are highly desirable.
- Provide guidance and mentorship to Infrastructure and Helpdesk staff team members to help grow the Security team.
- Thorough understanding of web development and application security preferred.
- Deep understanding of network protocols, firewalls, VPNs, IDS / IPS, SIEM, DLP, PAM, IAM and other security technologies.
- Familiarity and experience with computer forensics
- Strong communication and interpersonal skills, with the ability to effectively convey complex security concepts to technical and non-technical stakeholders.
- Familiarity with standards such as NIST, CMMC, ISO 27001, GDPR, CPRA, or other compliance frameworks and experience implementing corresponding policies and controls.
- Strong knowledge of vulnerability assessment tools, penetration testing methodologies, and risk assessment frameworks.
Responsibilities :
- Design and implement secure operations and systems in a creative environment where security has not traditionally been a priority.
- Develop, implement, and maintain comprehensive security strategies, policies, and procedures to safeguard the organization's systems, networks, and data.
- Serve as the primary point of contact and liaison for our Security Operations Center (SOC) partner, ensuring effective collaboration, communication, and coordination of security incident response efforts.
- Investigate and analyze security incidents, conduct forensic analysis and provide incident response to minimize the impact of security breaches.
Update incident response and Disaster Recovery documentation accordingly.
- Formalize and lead an incident response team, including training and testing.
- Administer security awareness training program for employees to promote a culture of security and ensure compliance with security policies and procedures.
Hold workshops with stakeholders to secure processes and data flow.
- Design, deploy, and maintain, in conjunction with the IT Infrastructure team, advanced security solutions, including firewalls, endpoint detection and response (EDR), data loss prevention (DLP) tools, Security Information and Event Management (SIEM) systems, Identity Access Management (IAM), and Privileged Access Management (PAM) systems.
- Collaborate with and manage external security vendors, consultants, and auditors to perform security assessments and ensure compliance with relevant regulations and standards.
- Define security standards for outside vendors, partners, and subcontractors. Plan and implement security questionnaires.
- Participate in reviewing client security requirements and respond to security questionnaires from clients.
- Key contributor for designing and maintaining compliance with standards such as ISO 27001, NIST 800-171, CMMC, and any other standards or frameworks that the company adopts.
- Work cooperatively with the application development, Infrastructure, and Helpdesk teams to mitigate security risks.
This position can be located in any US Perkins&Will studio location.
Related Jobs
Security Engineer
Perkins&Will is an interdisciplinary, research-based architecture and design firm founded on the belief that design has the power to transform lives and enhance communities.
Recognized as one of the world’s top global design firms, we focus on innovative research and design expertise to influence buildings and ideas that honor the broader goals of society.
Our world-class planning, design, engineering, and project management firms are dedicated to achieving our clients’ ambitions and supporting sustainable communities worldwide.
We aim to connect people, places, and communities by providing innovative solutions to the world’s most complex engineering and design challenges.
Our network is united by a commitment to providing clients with multi-disciplinary solutions rooted in quality, innovation, collaboration, and sustainability.
Reporting to the Director of Enterprise Infrastructure, the Security Engineer will be responsible for ensuring the security and integrity of our organization's systems, networks, and data.
You will play a crucial role in identifying potential vulnerabilities, implementing robust security measures, and developing strategies to protect our digital assets from unauthorized access and cyber threats.
This position requires exceptional communication, collaboration, and technical skills to drive the rapid security maturation of our exceptional IT teams.
This is a hands-on role that will include implementing all aspects of digital security, and in some cases, physical facilities’ privacy standards.
Leadership in building a secure environment and culture is also expected.
Qualifications :
- 3-5 years proven work experience as a security engineer or working with technical security strategies at a senior level, Prefer previous helpdesk and infrastructure experience as well.
- Relevant certifications such as CISSP, GIAC, CISM, or CEH are highly desirable.
- In-depth knowledge and hands-on experience with Microsoft's Defender suite, including Defender Advanced Threat Protection (ATP), Defender for Identity, Defender for Cloud Apps, Sentinel and related components are highly desirable.
- Provide guidance and mentorship to Infrastructure and Helpdesk staff team members to help grow the Security team.
- Thorough understanding of web development and application security preferred.
- Deep understanding of network protocols, firewalls, VPNs, IDS / IPS, SIEM, DLP, PAM, IAM and other security technologies.
- Familiarity and experience with computer forensics
- Strong communication and interpersonal skills, with the ability to effectively convey complex security concepts to technical and non-technical stakeholders.
- Familiarity with standards such as NIST, CMMC, ISO 27001, GDPR, CPRA, or other compliance frameworks and experience implementing corresponding policies and controls.
- Strong knowledge of vulnerability assessment tools, penetration testing methodologies, and risk assessment frameworks.
Responsibilities :
- Design and implement secure operations and systems in a creative environment where security has not traditionally been a priority.
- Develop, implement, and maintain comprehensive security strategies, policies, and procedures to safeguard the organization's systems, networks, and data.
- Serve as the primary point of contact and liaison for our Security Operations Center (SOC) partner, ensuring effective collaboration, communication, and coordination of security incident response efforts.
- Investigate and analyze security incidents, conduct forensic analysis and provide incident response to minimize the impact of security breaches.
Update incident response and Disaster Recovery documentation accordingly.
- Formalize and lead an incident response team, including training and testing.
- Administer security awareness training program for employees to promote a culture of security and ensure compliance with security policies and procedures.
Hold workshops with stakeholders to secure processes and data flow.
- Design, deploy, and maintain, in conjunction with the IT Infrastructure team, advanced security solutions, including firewalls, endpoint detection and response (EDR), data loss prevention (DLP) tools, Security Information and Event Management (SIEM) systems, Identity Access Management (IAM), and Privileged Access Management (PAM) systems.
- Collaborate with and manage external security vendors, consultants, and auditors to perform security assessments and ensure compliance with relevant regulations and standards.
- Define security standards for outside vendors, partners, and subcontractors. Plan and implement security questionnaires.
- Participate in reviewing client security requirements and respond to security questionnaires from clients.
- Key contributor for designing and maintaining compliance with standards such as ISO 27001, NIST 800-171, CMMC, and any other standards or frameworks that the company adopts.
- Work cooperatively with the application development, Infrastructure, and Helpdesk teams to mitigate security risks.
This position can be located in any US Perkins&Will studio location.
SATCOM Security Engineer
Qualifications
Required Qualifications :
- Knowledge of Navy SATCOM security architectures, TRANSEC requirements, and federal agency certification / approval processes.
- Experience developing and working with SATCOM security architectures, such as Direct Sequence Spread Spectrum (DSSS) technique and End Cryptographic Unit (ECU) devices.
- Experience developing Key Management Infrastructure (KMI) including key management, key generation, and key sharing architectures in coordination with federal agency and associated security policies
- Current / active Secret clearance and eligible for TS / SCI.
Desired Qualifications :
- Bachelor's or Master's Degree in Electrical Engineering, Cybersecurity, or Computer Science (minimum 10 years of experience)
- Excellent writing and verbal communication skills, and email etiquette
- Proactive self-starter; work well independently and with teams in a collaborative environment
Responsibilities
Provide security engineering support to the U.S. Navy Wideband Anti-Jam Modem System (WAMS). Work with the Assistant Program Manager (APM) and Chief Engineer (CE) to develop system requirements, support system engineering execution, and participate in technical and programmatic exchanges with internal and external stakeholders to include Navy, Space Force, Space and Missile Defense Command (SMDC), and Defense Information Systems Agency (DISA).
Participate in program technical reviews; provide expert input and recommendations on cybersecurity issues to support system development and program execution.
Identify requirements to obtain federal agency approval of security components used by the WAMS program. Develop a Key and Certificate Management Plan (KCMP) and coordinate KCMP approval with federal approvers.
Coordinate with other Navy program offices, DISA, and other external stakeholders, as required for Transmission Security (TRANSEC) issues impacting the WAMS programs.
Security Agent
Essential Duties and Responsibilities :
- Inspects airline equipment and checks for any unauthorized items.
- Screens cargo using equipment / method designated by customer and according to customer’s specifications.
- Performs aircraft monitoring, passenger wanding and gate guarding according to customer’s specifications.
- Observes and monitors unit activity and facility surroundings when not performing inspection / validation duties.
- Performs all other duties as assigned by management.
- Reports to Operations Supervisor or Operations Manager, depending on size of unit.
- Activities overseen by Lead or Senior Lead, depending on size of unit.
Education :
High school diploma or GED
Requirements :
- New employees required to complete an FBI fingerprint check (SIDA Badge) and a confirmed 10-year background check (10 year listed; 5 year verified)
- Not have been convicted of any of the listed FAA Disqualifying Crimes;.
- Ability to bend, push, and lift up to 30 pounds on a regular basis in order to perform the essential functions of the job.
- Must be at least 18 years old.
- Hold a valid U.S. driver’s license
- Must be Covid-19 Vaccinated
Communication Skills :
Possess written and oral communication skills in English.
Certificates, Licenses and Registrations :
Travel :Environmental Requirements :
Works non standard work hours, evenings, weekends, holidays.
Demonstrated Competencies to be Successful in the Position :
- Security Mindset take pride in keeping the skies safe and the flights secure
- Trust - keeping promises and speaking the truth.
- Customer Focused - the willingness to listen and the duty to act promptly and appropriately.
- Team Spirit - integrity, experience, collaboration and open communication.
- Innovation creativity, seeking new ideas, continuous improvement though anticipating change and adapting to it.
SENIOR INFORMATION SYSTEMS SECURITY OFFICER
3RC is seeking candidates with 12+ Years of cybersecurity experience to join our team as a Senior Information Systems Security Officer.
The selected candidate will perform security scans to identify vulnerabilities and risks, and work with the Engineering team to mitigate the risks.
The candidate is required to have experience with ensuring systems successfully complete the Assessments & Authorization (A&A) process.
They will work with other security and IT professionals in developing and implementing strategies to detect and mitigate threats to information systems, protect critical data sets, and provide assessments of system and network vulnerabilities.
They will analyze threats and develop and implement best practices methodologies for incident detection, reporting, and vulnerability remediation.
Primary Responsibilities :
- Plan and recommend modifications or adjustments based on exercise results or system environment.
- Properly document all systems security implementation, operations, and maintenance activities and update as necessary.
- Verify and update security documentation reflecting the application / system security design features.
- Assess the effectiveness of security controls.
- Assess all the configuration management (change configuration / release management) processes.
- Develop procedures and test fail-over for system operations transfer to an alternate site based on system availability requirements.
- Analyze and report organizational security posture trends.
- Analyze and report system security posture trends.
- Assess adequate access controls based on principles of least privilege and need-to-know.
- Implement security measures to resolve vulnerabilities, mitigate risks, and recommend security changes to system or system components as needed.
- Implement system security measures in accordance with established procedures to ensure confidentiality, integrity, availability, authentication, and non-repudiation.
- Mitigate / correct security deficiencies identified during security / certification testing and / or recommend risk acceptance for the appropriate senior leader or authorized representative.
- Verify minimum security requirements are in place for all applications.
- Provides cybersecurity recommendations to leadership based on significant threats and vulnerabilities.
Required Qualifications :
- DoD 8570 certification (IAT or IAM Level 2)
- Demonstrated experience with Risk Management Framework (experience under DHA a plus)
- Demonstrated efficiency and experience in RMF package development, including POA&Ms (mitigation statements), Security Plans, Risk Assessments, architecture diagrams, hardware / software inventories, and system / site policies, procedures, and processes
- Hands on experience with the DoD tool eMASS
- Familiarity with NIST publications
- Experience in assessing systems using NIST 800-53 and / or DISA STIGs and SRGs
- Excellent customer service and organization skills
- Excellent oral and written communication skills
Desired Qualifications :
- Experience with ACAS and HBSS
- Experience in RMF policy development, process improvement, and strategy implementation
- Knowledge in Continuous Monitoring and Risk Scoring (CMRS)
- Knowledge of cloud capabilities and secure cloud architecture
- Knowledge in one or more of the following technologies :
o Medical devices
o Windows
o Linux / Unix
o Network Devices
o Databases MS SQL, Oracle
o VMWare Virtualization
Clearance Required :
Active Secret security clearance
Company Paid Standard Benefits :
- Short / Long Term Disability
- Basic Life Insurance
- Direct Payroll Deposit
- Leave Accrual
- Holidays
- 401(k) Match
Employee / Company Shared Benefits :
- Additional (Voluntary) Life Insurance
- 401(k)
- Medical Coverage
- Dental Coverage
- Vision Care Plan
- Flexible Spending Account Plan
PI223568073
SECURITY OFFICER
SECURITY OFFICER
- We work with you based off of your availability;
- We offer flexible schedules
- PT / FT available
- Day, Swing, & Graveyard Shifts
- Holiday Pay
- Weekends
- On Call Positions
- Standing Officer & Patrol Division Openings
SAFETY & SATISFACTION IS OUR #1 PRIORITY
Security First takes a drastically different approach to providing security services our security officers are not only highly trained and exceptionally professional in both demeanor and appearance, but go above and beyond to provide a friendly, helpful resource to tenants and business patrons.
We feel that offering a combination of the latest technologies, 5-star customer service, and a pleasant onsite presence, contributes to a more comprehensive and satisfying customer experience.