IT Security Engineer

About The Position

Requirements

• Bachelor's degree or equivalent experience
• 7+ years of progressive information security experience supporting enterprise environments.
• 5+ years of hands‑on experience designing, implementing, and supporting Active Directory and Azure Active Directory, including multi‑factor authentication (MFA), single sign‑on (SSO), conditional access policies, and password security controls.
• 3+ years of experience supporting security operations, including incident response, investigation, and remediation through a ticketing or helpdesk system.
• 3+ years’ experience working with DevOps and engineering teams to integrate security into the Software Development Lifecycle (SDLC) rather than performing after‑deployment reviews.
• 2+ years of experience leading or contributing to technical security initiatives, collaborating across multiple departments and external IT vendors to drive security improvements.
• Hands‑on experience implementing security controls within CI/CD pipelines (e.g., Azure DevOps or Git‑based workflows), including secure build, deployment, and change management practices.
• Experience designing, reviewing, or securing Infrastructure as Code (IaC) deployments (e.g., ARM, Bicep, Terraform), with a focus on preventing misconfiguration and enforcing guardrails prior to deployment.
• Experience supporting or securing API‑based solutions, including systems using Azure API Management (APIM) for authentication, authorization, and traffic control.
• Experience securing Microsoft Power Platform solutions, including Power Apps, Power Automate, and Dataverse, with an understanding of environment security, access controls, and data protection models.
• Strong experience conducting third‑party/vendor risk assessments, with the ability to clearly communicate technical risks and remediation options to IT and engineering staff.
• Experience managing, configuring, and supporting Microsoft advanced threat protection and security monitoring technologies.
• Working knowledge of Microsoft Information Protection, including sensitivity labels, data classification, and Microsoft Compliance Center configurations.
• Ability to translate security requirements into clear, actionable technical guidance for engineers and IT teams, supporting risk‑based decision‑making.
• Excellent organizational and communication skills.
• Must be a team player, flexible and willing to undertake a wide variety of challenging tasks.
• Able to work independently with guidance and direction as appropriate.
• Following an offer, candidates will be required to satisfactorily complete employment reference checks, verification of professional licensure and/or educational credentials, a motor vehicle report (MVR), and a comprehensive background check.

Responsibilities

• Partners Security Manager to create and maintain security architecture strategy road map.
• Develops and implements security tools to assist in detection, prevention, and analysis of security threats.
• Acts as the subject matter expert for Kleinfelder's identity access management program for both internal and external identities as well as design, implement, and support IAM best practice configurations.
• Partner with DevOps and engineering teams to embed security controls into CI/CD pipelines and application architectures, ensuring secure‑by‑design implementations throughout the Software Development Lifecycle (SDLC).
• Manages Kleinfelder's vulnerability management program and partners with other IT members to discover/remediate system vulnerabilities, documents results, and provides recommendations to minimize risks.
• Acts as technical leader for the implementation of security projects that require compliance with customer and corporate policies and standards.
• Represent security during the change advisory board (CAB) and software approval board to review and approve changes in software, hardware, facilities, telecommunications, and user needs.
• Monitors, tunes, and responds to Security Information Event Management (SIEM) security incidents, e.g., system compromise loss of confidentiality, authentication problems, etc.
• Conducts internal and external security audits, 3rd party risk assessments and security analyses to align with compliance standards.
• Documents, maintains, and updates cybersecurity policies and procedures working closely with other internal IT stakeholders.
• Recommends and installs upgrades to security controls to mitigate risks.
• Researches and evaluates new security technology, techniques, and industry best practices to minimize threats and vulnerabilities.
• Assist with day-to-day cybersecurity responsibilities including managing the spam mailbox, security awareness training, and security incident tickets.
• Support internal audits and customer assessments to identify risks and determine mitigation actions.
• Understands and participates in incident response, including steps to minimize the impact and conduct a technical and forensic investigations.
• Generates monthly security reports which demonstrates overall security maturity.

Benefits

• medical
• dental
• vision
• life insurance
• 401(k) plan
• paid holidays