The role at a glance:

NBBJ is currently seeking a Cybersecurity Administrator to join our Columbus, Los Angeles or Seattle studio. The Security Administrator is responsible for monitoring, triaging, and investigating security alerts that impact NBBJ’s global digital environment. This role focuses on operational security functions, including incident investigation, security tooling administration, and hands-on support for implementing and maintaining security controls. The Security Administrator partners closely with the Security Engineer to strengthen the firm’s overall security posture while promoting cybersecurity as a collaborative and business-enabling function. 

The ideal candidate is detail-oriented, highly responsive, and takes pride in their work. Success in this role means ensuring that security events are addressed quickly and thoroughly, that controls are consistently applied, and that security operations run smoothly across all regions. 

In your new role, you will: 

• Monitor security alerts from SIEM, EDR, email security, identity systems, cloud platforms, and other security tools. 
• Investigate suspicious activity by collecting evidence, analyzing logs, and escalating incidents as needed. 
• Document investigation notes, timelines, and outcomes for all security events. 
• Tune alerting rules and detection logic to improve fidelity and reduce noise.

• Serve as the first responder for security incidents, ensuring timely triage and escalation. 
• Assist the Lead Security Engineer during active investigations and coordinated response efforts. 
• Maintain and update incident response procedures, checklists, and documentation. 
• Participate in tabletop exercises, lessons-learned reviews, and improvements to processes. 

• Support deployment, configuration, and maintenance of security tools, including EDR, MDM, vulnerability scanners, and cloud security platforms. 
• Work with IT and engineering teams to apply technical and administrative controls based on firm, client, and regulatory requirements. 
• Help implement policies, standards, and procedures across endpoints, networks, and cloud services. 
• Maintain inventories, dashboards, and reporting for security technologies. 

• Assist with the vulnerability management lifecycle by validating findings, tracking remediation progress, and verifying closure. 
• Coordinate with system owners to ensure patches and configuration changes are applied according to risk and priority. 
• Monitor trends and recurring issues to help inform long-term improvements. 

• Provide evidence and documentation for audits or client security assessments. 
• Support the Lead Security Engineer with mapping controls to frameworks such as NIST 800-171, CMMC, Cyber Essentials Plus, and CIS Controls. 
• Maintain internal documentation related to standards, objectives, and operating procedures. 

• Partner with Systems, Operational, and business teams to resolve security-related issues. 
• Provide clear, practical communication to stakeholders with varying levels of technical expertise. 
• Support the security awareness program by assisting with training, phishing simulations, and guidance to staff. 

• Assist in managing MSSP communications, escalations, and case follow-up. 
• Develop scripts or automations to streamline repetitive tasks. 
• Perform administrative tasks related to asset management, access reviews, and security reporting. 

What you will need to succeed:

• Associate or Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or equivalent work experience
• 2 to 4 years of experience in IT security, SOC operations, or related technical support roles
• Security+, CCNA Security, or equivalent experience required
• Additional certifications such as GSEC, GCTI, or Microsoft security certifications are preferred
• Strong understanding of security fundamentals and attack lifecycle
• Experience working with SIEM, EDR, identity security, and cloud security platforms
• Ability to analyze logs across endpoints, networks, and cloud systems
• Strong written and verbal communication skills
• Familiarity with scripting or automation using PowerShell or Python
• Experience with Windows, macOS, and Linux environments

Additional attributes to help you succeed:

• Experience supporting distributed teams across multiple regions or time zones
• Knowledge of regulatory or client frameworks, including Cyber Essentials Plus, NIST 800-171, CMMC L1 or L2, and CIS Controls
• Ability to prioritize multiple issues and maintain service levels in a dynamic environment.
• Strong attention to detail, curiosity, and a commitment to continual improvement
   
   

Why choose NBBJ?

We believe that all NBBJ employees should love their work. This means not only loving what you do but having pride in your workplace. We strive to be that irresistible place to work by enhancing your employee experience with customized programs and comprehensive benefits. In addition to 100% covered employee healthcare costs and 401k contributions, we offer unique professional development opportunities, volunteer opportunities and access to leading technology and resources to further help you love your work and advance your career.

• NBBJ has been named three times by Fast Company as one of the most innovative architecture firms.
• Founded in 1943, our first office opened over 75 years ago in Seattle, Washington. We now have over 10 office locations around the globe.
• We are a transdisciplinary, cross-practice focused firm with a deep portfolio of Civic & Cultural, Commercial, Corporate, Healthcare, Higher Education, Science and Technology, Sports, and Urban Environment projects. We also have several areas of service expertise including: Architecture, Environmental Graphic Design, Interior Design, Lighting Design, Workplace Consulting and more.
• In the past decade, NBBJ has received more than 300 awards from leading global, national and regional award programs across the business, real estate and design communities.
• We work with 5 of the top global high-tech companies, 14 of the U.S. News and World Report Top Hospitals, and 4 of the top 10 highest-ranked learning institutions.
• Our clients include institutional leaders such as Cambridge University, Google, Samsung, Cleveland Clinic, Tencent, and Stanford University.