It Security Engineer Jobs (NOW HIRING)

Job Summary:
Kleinfelder, a Forbes' Top Employer for Engineers in North America, is seeking an IT Security Engineer to join their Corporate Services team. The role involves collaborating with IT professionals to design, implement, manage, and monitor the organization's security posture, while ensuring compliance with security standards and optimizing security measures across various departments.
Responsibilities:
• Partners Security Manager to create and maintain security architecture strategy road map.
• Develops and implements security tools to assist in detection, prevention, and analysis of security threats.
• Acts as the subject matter expert for Kleinfelder's identity access management program for both internal and external identities as well as design, implement, and support IAM best practice configurations.
• Partner with DevOps and engineering teams to embed security controls into CI/CD pipelines and application architectures, ensuring secure‑by‑design implementations throughout the Software Development Lifecycle (SDLC).
• Manages Kleinfelder's vulnerability management program and partners with other IT members to discover/remediate system vulnerabilities, documents results, and provides recommendations to minimize risks.
• Acts as technical leader for the implementation of security projects that require compliance with customer and corporate policies and standards.
• Represent security during the change advisory board (CAB) and software approval board to review and approve changes in software, hardware, facilities, telecommunications, and user needs.
• Monitors, tunes, and responds to Security Information Event Management (SIEM) security incidents, e.g., system compromise loss of confidentiality, authentication problems, etc.
• Conducts internal and external security audits, 3 rd party risk assessments and security analyses to align with compliance standards.
• Documents, maintains, and updates cybersecurity policies and procedures working closely with other internal IT stakeholders.
• Recommends and installs upgrades to security controls to mitigate risks.
• Researches and evaluates new security technology, techniques, and industry best practices to minimize threats and vulnerabilities.
• Assist with day-to-day cybersecurity responsibilities including managing the spam mailbox, security awareness training, and security incident tickets.
• Support internal audits and customer assessments to identify risks and determine mitigation actions.
• Understands and participates in incident response, including steps to minimize the impact and conduct a technical and forensic investigations.
• Generates monthly security reports which demonstrates overall security maturity.
Qualifications:
Required:
• Bachelor's degree or equivalent experience
• 7+ years of progressive information security experience supporting enterprise environments.
• 5+ years of hands‑on experience designing, implementing, and supporting Active Directory and Azure Active Directory, including multi‑factor authentication (MFA), single sign‑on (SSO), conditional access policies, and password security controls.
• 3+ years of experience supporting security operations, including incident response, investigation, and remediation through a ticketing or helpdesk system.
• 3+ years’ experience working with DevOps and engineering teams to integrate security into the Software Development Lifecycle (SDLC) rather than performing after‑deployment reviews.
• 2+ years of experience leading or contributing to technical security initiatives, collaborating across multiple departments and external IT vendors to drive security improvements.
• Hands‑on experience implementing security controls within CI/CD pipelines (e.g., Azure DevOps or Git‑based workflows), including secure build, deployment, and change management practices.
• Experience designing, reviewing, or securing Infrastructure as Code (IaC) deployments (e.g., ARM, Bicep, Terraform), with a focus on preventing misconfiguration and enforcing guardrails prior to deployment.
• Experience supporting or securing API‑based solutions, including systems using Azure API Management (APIM) for authentication, authorization, and traffic control.
• Experience securing Microsoft Power Platform solutions, including Power Apps, Power Automate, and Dataverse, with an understanding of environment security, access controls, and data protection models.
• Strong experience conducting third‑party/vendor risk assessments, with the ability to clearly communicate technical risks and remediation options to IT and engineering staff.
• Experience managing, configuring, and supporting Microsoft advanced threat protection and security monitoring technologies.
• Working knowledge of Microsoft Information Protection, including sensitivity labels, data classification, and Microsoft Compliance Center configurations.
• Ability to translate security requirements into clear, actionable technical guidance for engineers and IT teams, supporting risk‑based decision‑making.
• Excellent organizational and communication skills.
• Must be a team player, flexible and willing to undertake a wide variety of challenging tasks.
• Able to work independently with guidance and direction as appropriate.
Company:
Kleinfelder is an employee-owned engineering, science, and architecture consulting firm. Founded in 1961, the company is headquartered in San Diego, USA, with a team of 1001-5000 employees. The company is currently Late Stage.