The role at a glance:
NBBJ is currently seeking a Cybersecurity Administrator to join our Columbus, Los Angeles or Seattle studio. The Security Administrator is responsible for monitoring, triaging, and investigating security alerts that impact NBBJ’s global digital environment. This role focuses on operational security functions, including incident investigation, security tooling administration, and hands-on support for implementing and maintaining security controls. The Security Administrator partners closely with the Security Engineer to strengthen the firm’s overall security posture while promoting cybersecurity as a collaborative and business-enabling function.
The ideal candidate is detail-oriented, highly responsive, and takes pride in their work. Success in this role means ensuring that security events are addressed quickly and thoroughly, that controls are consistently applied, and that security operations run smoothly across all regions.
In your new role, you will:
Security Operations and Monitoring
Monitor security alerts from SIEM, EDR, email security, identity systems, cloud platforms, and other security tools.
Investigate suspicious activity by collecting evidence, analyzing logs, and escalating incidents as needed.
Document investigation notes, timelines, and outcomes for all security events.
Tune alerting rules and detection logic to improve fidelity and reduce noise.
Incident Response Support
Serve as the first responder for security incidents, ensuring timely triage and escalation.
Assist the Lead Security Engineer during active investigations and coordinated response efforts.
Maintain and update incident response procedures, checklists, and documentation.
Participate in tabletop exercises, lessons-learned reviews, and improvements to processes.
Security Controls Administration
Support deployment, configuration, and maintenance of security tools, including EDR, MDM, vulnerability scanners, and cloud security platforms.
Work with IT and engineering teams to apply technical and administrative controls based on firm, client, and regulatory requirements.
Help implement policies, standards, and procedures across endpoints, networks, and cloud services.
Maintain inventories, dashboards, and reporting for security technologies.
Vulnerability and Patch Support
Assist with the vulnerability management lifecycle by validating findings, tracking remediation progress, and verifying closure.
Coordinate with system owners to ensure patches and configuration changes are applied according to risk and priority.
Monitor trends and recurring issues to help inform long-term improvements.
Governance, Risk, and Compliance Support
Provide evidence and documentation for audits or client security assessments.
Support the Lead Security Engineer with mapping controls to frameworks such as NIST 800-171, CMMC, Cyber Essentials Plus, and CIS Controls.
Maintain internal documentation related to standards, objectives, and operating procedures.
Collaboration and Communication
Partner with Systems, Operational, and business teams to resolve security-related issues.
Provide clear, practical communication to stakeholders with varying levels of technical expertise.
Support the security awareness program by assisting with training, phishing simulations, and guidance to staff.
Miscellaneous Responsibilities
Assist in managing MSSP communications, escalations, and case follow-up.
Develop scripts or automations to streamline repetitive tasks.
Perform administrative tasks related to asset management, access reviews, and security reporting.
What you will need to succeed:
Associate or Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or equivalent work experience
2 to 4 years of experience in IT security, SOC operations, or related technical support roles
Security+, CCNA Security, or equivalent experience required
Additional certifications such as GSEC, GCTI, or Microsoft security certifications are preferred
Strong understanding of security fundamentals and attack lifecycle
Experience working with SIEM, EDR, identity security, and cloud security platforms
Ability to analyze logs across endpoints, networks, and cloud systems
Strong written and verbal communication skills
Familiarity with scripting or automation using PowerShell or Python
Experience with Windows, macOS, and Linux environments
Additional attributes to help you succeed:
Experience supporting distributed teams across multiple regions or time zones
Knowledge of regulatory or client frameworks, including Cyber Essentials Plus, NIST 800-171, CMMC L1 or L2, and CIS Controls
Ability to prioritize multiple issues and maintain service levels in a dynamic environment
Strong attention to detail, curiosity, and a commitment to continual improvement
The annual base pay range for this role is anticipated to be between $80,000-$100,000. Actual compensation for successful candidates will be carefully determined based on a number of factors, including their skills, qualifications and experience.