IT Security Engineer

Corporate Security Role

Take Your Corporate Career to the Next Level

Kleinfelder, a Forbes' Top Employer for Engineers in North America, is committed to a people-first culture, technical excellence, and creating opportunities where employees can thrive!

Are you ready to be challenged, make a difference, and experience professional growth in your career? Kleinfelder's Corporate Services team is looking for you! From Accounting & Finance, Human Resources, Marketing & Communications, and Information Technology to Legal and Health & Safety, our corporate employees are part of the Kleinfelder ecosystem – supporting the projects that improve the communities we work and live in.

Step into Your New Role

In this highly visible, fast-paced, and challenging position, where you will collaborate with a multidisciplinary team of dedicated IT professionals. You will have the opportunity to work with cutting edge security solutions. Our security team is responsible for designing, implementing, managing, and monitoring the overall security posture of the organization. We partner with teams across the company to continually optimize our security posture while maintaining a hyper focus on the reliability and stability of our business environments.

Responsibilities:

• Partners Security Manager to create and maintain security architecture strategy road map.
• Develops and implements security tools to assist in detection, prevention, and analysis of security threats.
• Acts as the subject matter expert for Kleinfelder's identity access management program for both internal and external identities as well as design, implement, and support IAM best practice configurations.
• Partner with DevOps and engineering teams to embed security controls into CI/CD pipelines and application architectures, ensuring secure‑by‑design implementations throughout the Software Development Lifecycle (SDLC).
• Manages Kleinfelder's vulnerability management program and partners with other IT members to discover/remediate system vulnerabilities, documents results, and provides recommendations to minimize risks.
• Acts as technical leader for the implementation of security projects that require compliance with customer and corporate policies and standards.
• Represent security during the change advisory board (CAB) and software approval board to review and approve changes in software, hardware, facilities, telecommunications, and user needs.
• Monitors, tunes, and responds to Security Information Event Management (SIEM) security incidents, e.g., system compromise loss of confidentiality, authentication problems, etc.
• Conducts internal and external security audits, 3rd party risk assessments and security analyses to align with compliance standards.
• Documents, maintains, and updates cybersecurity policies and procedures working closely with other internal IT stakeholders.
• Recommends and installs upgrades to security controls to mitigate risks.
• Researches and evaluates new security technology, techniques, and industry best practices to minimize threats and vulnerabilities.
• Assist with day-to-day cybersecurity responsibilities including managing the spam mailbox, security awareness training, and security incident tickets.
• Support internal audits and customer assessments to identify risks and determine mitigation actions.
• Understands and participates in incident response, including steps to minimize the impact and conduct a technical and forensic investigations.
• Generates monthly security reports which demonstrates overall security maturity.

Required Skill/Experience:

• Bachelor's degree or equivalent experience
• 7+ years of progressive information security experience supporting enterprise environments.
• 5+ years of hands‑on experience designing, implementing, and supporting Active Directory and Azure Active Directory, including multi‑factor authentication (MFA), single sign‑on (SSO), conditional access policies, and password security controls.
• 3+ years of experience supporting security operations, including incident response, investigation, and remediation through a ticketing or helpdesk system.
• 3+ years' experience working with DevOps and engineering teams to integrate security into the Software Development Lifecycle (SDLC) rather than performing after‑deployment reviews.
• 2+ years of experience leading or contributing to technical security initiatives, collaborating across multiple departments and external IT vendors to drive security improvements.
• Hands‑on experience implementing security controls within CI/CD pipelines (e.g., Azure DevOps or Git‑based workflows), including secure build, deployment, and change management practices.
• Experience designing, reviewing, or securing Infrastructure as Code (IaC) deployments (e.g., ARM, Bicep, Terraform), with a focus on preventing misconfiguration and enforcing guardrails prior to deployment.
• Experience supporting or securing API‑based solutions, including systems using Azure API Management (APIM) for authentication, authorization, and traffic control.
• Experience securing Microsoft Power Platform solutions, including Power Apps, Power Automate, and Dataverse, with an understanding of environment security, access controls, and data protection models.
• Strong experience conducting third‑party/vendor risk assessments, with the ability to clearly communicate technical risks and remediation options to IT and engineering staff.
• Experience managing, configuring, and supporting Microsoft advanced threat protection and security monitoring technologies.
• Working knowledge of Microsoft Information Protection, including sensitivity labels, data classification, and Microsoft Compliance Center configurations.
• Ability to translate security requirements into clear, actionable technical guidance for engineers and IT teams, supporting risk‑based decision‑making.
• Excellent organizational and communication skills.
• Must be a team player, flexible and willing to undertake a wide variety of challenging tasks.
• Able to work independently with guidance and direction as appropriate.

Following an offer, candidates will be required to satisfactorily complete employment reference checks, verification of professional licensure and/or educational credentials, a motor vehicle report (MVR), and a comprehensive background check.

Move Forward with Kleinfelder:

Kleinfelder and its' subsidiaries and affiliates, has been connecting great people to the best work since 1961. We are engineers, scientists, and construction professionals providing solutions that improve our clients' transportation, water, energy, and other private infrastructure. As a responsive, cross-disciplinary team of bright, curious, and innovative problem-solvers, we are dedicated to doing the right thing, every day, on every project from over 110 offices in the US, Canada, and Australia. Connecting great people to the best work is our purpose – together, we deliver.

Progress with an Employer that Values You

Kleinfelder, and its' subsidiaries and affiliates, is an inclusive organization free from discrimination. We are a stronger organization when we are a diverse workforce and believe that through diversity, equity, and inclusion comes creativity, innovation, and unity. We are proud to offer the following:

Benefits: Kleinfelder, and its' subsidiaries and affiliates, offers an excellent compensation and benefits package, including: medical, dental, vision, life insurance, 401(k) plan, and paid holidays.

The expected salary range for the position is displayed in accordance with the California Pay Transparency Law.  Final agreed upon compensation is based upon individual qualifications and experience. Salary Range: $75,850-$126,585

Career Development: We are committed to investing in the professional development of our staff, offering each employee every opportunity to grow, develop, and take control of their career paths. We support these efforts through reimbursements for continuing education as well as many of the expenses associated with trainings and certifications, and opportunities for career development through our internal Mentoring Program.

Equal Opportunity: Kleinfelder, and its' subsidiaries and affiliates, is an Equal Opportunity Employer – Minorities/Women/Disabled/Veterans. (Compliant with the new VEVRAA and Section 503 rules)

Notice to Third Party Agencies

Please note that Kleinfelder, and its' subsidiaries and affiliates, does not accept unsolicited resumes from recruiters or employment agencies. In the absence of a signed Recruitment Fee Agreement, Kleinfelder, and its' subsidiaries and affiliates, will not consider or agree to payment for any referral compensation or recruiter fee. In the event a recruiter or agency submits a resume or candidate without a previously signed agreement, Kleinfelder, and its' subsidiaries and affiliates, explicitly reserves the right to pursue and hire those candidate(s) without any financial obligation to the recruiter or agency. Any unsolicited resume, including those submitted to hiring managers, are deemed to be the property of Kleinfelder.