Perkins&Will is an interdisciplinary, research-based architecture and design firm founded on the belief that design has the power to transform lives and enhance communities. Recognized as one of the world’s top global design firms, we focus on innovative research and design expertise to influence buildings and ideas that honor the broader goals of society.
Our world-class planning, design, engineering, and project management firms are dedicated to achieving our clients’ ambitions and supporting sustainable communities worldwide.
We aim to connect people, places, and communities by providing innovative solutions to the world’s most complex engineering and design challenges. Our network is united by a commitment to providing clients with multi-disciplinary solutions rooted in quality, innovation, collaboration, and sustainability.
Reporting to the Director of Enterprise Infrastructure, the Senior Security Analyst will ensure that all systems and data are appropriately protected against unauthorized access. The position will help Perkins&Will achieve compliance and maturity in privacy and security that is commensurate with our clients’ requirements.
This position requires exceptional communication, collaboration, and technical skills to drive the rapid security maturation of our exceptional IT teams.
This is a hands-on role that will include implementing all aspects of digital security, and in some cases, physical facilities’ privacy standards.
Qualifications:
- 3-5 years experience as a security analyst or working with technical security strategies at a senior level, Prefer previous helpdesk and infrastructure experience as well.
- CISSP certification preferred. SSCP or multiple GIAC certifications as minimum requirements.
- Demonstrated ability to work solo as well as in conjunction with Infrastructure and Helpdesk staff.
- Thorough understanding of web development and application security
- Thorough understanding of network protocols
- Familiarity and experience with computer forensics
- Must be an excellent communicator and speaker both in front of large groups of team members and in written interactions
- Ability to thrive in high-stress situations
- Familiarity with standards such as NIST, CMMC, ISO 27001, or other compliance frameworks and experience implementing corresponding policies and controls.
Responsibilities:
- Secure, support and grow a creative environment whose tools have not traditionally implemented security controls
- Lead efforts to anticipate, counter security breaches, and reduce the likelihood of future security alerts, incidents, and disasters.
- Define, plan, implement, maintain, and upgrade security measures, policies, and controls.
- Formalize and lead an incident response team, including training and testing.
- Report on the efficacy of the current security policies, incident responses, disaster recovery plans, and other security-related information.
- Assist with the creation and maintenance of security training programs.
- Monitoring security information collection systems and maintaining the relevant data.
- Oversee third-party vulnerability testing and internal and external security audits.
- Provide risk analyses based on testing results
- Analyze security breaches to identify the cause and to update incidence responses and disaster recovery plans.
- Define security standards for outside vendors, partners, and subcontractors. Plan and implement security questionnaires.
- Verify, document, and track security compliance of our vendors
- Participate in reviewing client security requirements and respond to security questionnaires from clients.
- Create security training and standards for IT staff.
- Recommend security enhancements to management or senior IT staff
- Primary responsibility for SIEM and vSOC management
- Key contributor for designing and maintaining compliance with standards such as ISO 27001, NIST 800-171, CMMC, and any other standards or frameworks that the company adopts.
- Work cooperatively with the application development, Infrastructure, and Helpdesk teams to mitigate security risks.
This position can be located in any US Perkins&Will studio location.