At Gensler, wedesignfor people. We leverage our global perspective and local presence to innovate at every scale. We're not just designers. We're tinkerers, craftspeople, visionaries, innovators,and thought leaders. Fueled by passion and entrepreneurial spirit, our people bring new ideas to solvethe world's mostchallenging problems, like designing a moreresilient, inclusive, and equitable future for our communities and cities.

Our people-centered, "People First" culture and "One Firm-Firm" motto promotes a "Team of Teams" that unite to shape the future of cities. Gensler's vision is to "Create a Better World through the Power of Design," and we do that by our deep commitment to our clients and by fostering a collaborative, diverse, and inclusive environment that enables our people to create impactful solutions together.

Your Role

As the Lead Cyber Security Engineer you will be the primary point of contact for the Secure Access Service Edge (SASE) implementation , shaping a global SASE implementation to protect architectural and design data. Collaborating as the technical lead of a Security Operations team, you will be on the forefront of designing and utilizing unique security solutions with a remarkably low signal-to-noise ratio, providing seamless security to global architecture and design teams. You will work closely with the full range of I.T. engineers and administrators to strengthen enterprise cybersecurity worldwide.

What You Will Do

• Provide technical leadership to a Security Operations Team, with broad based experience in applying capabilities of multiple cyber security products.

• Be capable and prepared to effectively communicate for the Global Director of Cyber Security (functional CISO) in their absence with global I.T., business, and design leaders

• Be the subject matter expert for a SASE implementation

• Work with a team of security experts to advance a nonconventional approach to security operations.

• Identify and resolve cybersecurity threats to the global firm as well as strive to protect the firm from anticipated threats

• Not just a "ticket cruncher", your work with Gensler's trouble ticket system will be bidirectional as you review security processes and work with the support desk to design new, automated, efficient processes within an ITIL, CIS CSC, SOC2, CMMC, and ISO 27001 security frameworks.

• Work with the rest of Gensler's systems administrative staff to shape Windows domain policy, workstation application policy and to ensure Windows and Linux servers are in line with enterprise goals.

• Participate in discussions to further review and refine existing RBAC structures

Your Qualifications

An employee-owned company, Gensler is social, collaborative and entrepreneurial - authority comes from the team, not a given individual. Our top candidate will have strong social and communication skills, a collaborative attitude and demonstrate strong technical acumen.

Required:

• Bachelor's degree

• 5 years minimum cybersecurity experience, with at least 3 years' experience in a security operations role, preferably in a global enterprise.

• 5 years minimum additional I.T./I.S. experience.

• 2 years experience with Secure Access Service Edge (SASE) or its components.

• SDWAN: Palo Alto Prisma (CloudGenics); Aruba EdgeConnect (SilverPeak); VMware (VeloCloud); Meraki or other SDWAN solutions

• Security Service Edge (SSE) / CASB: Zscaler; Palo Alto Prisma; Cisco Secure Connect; Netskope; Cato; or other SSE solution.

• Senior level technical Cybersecurity certification:

• CISSP or GISP

• Preferred: One I.T. Networking certification with Secure Web Gateway curriculum

• PCNSE/PCNSA or CCNP Security or other equivalent.

Additional Preferred Technical Experience:

• Email Security Gateways: Agari, Microsoft ATP, Darktrace Antigena, Proofpoint, MimeCast

• Endpoint Detection & Response (EDR): Crowdstrike, Cortex, Microsoft Defender, SentinelOne;

• Extended Detection Response (XDR): Hunters, Palo Alto Cortex, others.

• Intrusion Detection/Prevention Systems (IDS/IPS): Palo Alto NGFW, Darktrace, Cisco

• Vulnerability Management: Qualys, Tenable, Nessus

• Identity & Access Management: Ping, Okta

• Data Loss Prevention (DLP)

• Security Information & Event Management (SIEM)

• Disaster Recovery and Backup:

• Security Awareness Training: KnowBe4, Wombat

• Pentesting tools: Pentera, others

Non-Technical Requirements:

• Strong written & verbal communication skills in the English language

• US Citizenship is required due to government contracts and facility work,

• Successful completion of a background check is required, as this person will be managing sensitive information

• Comfortable performing systems administration in an open office and social environment

• Available 24/7/365 during a security incident in order to collaborate with your team.

• Able to work in a Gensler Los Angeles regional office a minimum of 4 of 5 work days per week

• Able to do light work, including the ability to lift 10 lbs with the majority of the day being sitting, standing or walking.

**If the position is filled in Oakland, CA; the compensation range is estimated at $170k-$190k plus bonuses and benefits and depending upon experience.