Cybersecurity Engineer

JBG SMITH owns, operates, invests in, and develops a dynamic portfolio of high-growth mixed-use properties in and around Washington, DC. Our creativity and scale enable us to be more than owners-we are place makers who shape inspiring and engaging places, which we believe create value and have a positive impact in every community we touch.

JBG SMITH has been named multiple times as one of the Washington Post's Top Workplaces in the region and we pride ourselves in both our outstanding work environments and opportunities for career growth and advancement.

Our Technology team is seeking a Cybersecurity Engineer to strengthen our cloud and enterprise security posture. Reporting to the VP of Infrastructure, this role will support transformational infrastructure and IT initiatives while playing a key role in advancing and maturing our cybersecurity program.

HOW YOU WILL BE CHALLENGED

This role is ideal for an engineer who thrives in complex & fast paced environments, enjoys real ownership, and wants to materially influence the security posture of a multi-faceted real estate company. Responsibilities will include:

Design, deploy, and promote cloud security solutions for Azure and AWS platforms.
1. Manage identity and access controls for both on-premises and Azure environments using technologies like Azure Entra, Active Directory, internal PKI, Intune, NDES, MFA, PIM, Security Group Management, Group Policy, and Kerberos.
2. Possess strong knowledge of modern cloud and data center architectures, platforms, and their impact on business goals, and lead teams to quickly resolve incidents and outages.
3. Support all products within the functional area, from creation and deployment to ongoing performance, aligning with business, global infrastructure, and security requirements.
4. Oversee enterprise-level email security tools.
5. Manage, coordinate, and communicate with Security and IT Service providers to ensure services are being delivered and utilized appropriately.
6. Monitor and analyze security events and alerts from multiple sources, and respond to threats and vulnerabilities.
7. Script and automate processes using tools such as Python, PowerShell, and Bash.
8. Promote security awareness (e.g., phishing simulations) and best practices throughout the organization.
9. Investigate intrusion attempts, conduct thorough exploit analyses, and test defensive controls and response measures.
10. Collaborate with internal IT and other departments to deliver infrastructure and network solutions that support business growth and enhance tenant experiences.
11. Develop processes and comply with strict regulatory requirements for network operations.
12. Continuously evaluate and improve infrastructure to meet business needs, identify cost-saving opportunities, and further cloud adoption.

1. A Bachelor's degree in Computer Science, Information Technology, or a related field-or equivalent experience-is required.
2. Familiarity with the Microsoft 365 Suite is essential.
3. Candidates must be self-motivated, able to handle multiple tasks, prioritize efficiently, and thrive in fast-paced, dynamic settings.
4. Proven expertise managing enterprise-level infrastructure across multi/hybrid cloud environments, including Azure, AWS, and on-premise or colocation data centers; previous migration and transitional environment support are advantageous.
5. Experience with MS Windows implementation, operations, and security for both workstations and servers.
6. In-depth knowledge of Cloud Service Operations & Controls, network monitoring/management tools, network access control (Cisco ISE), NIST Framework, Zero trust solution (Zscaler), sophisticated networks and dynamic routing protocols (BGP, EIGRP), SD-WAN, VoIP/Cloud Voice Solutions, SaaS, PaaS, IaaS, SCCM and device/system patching, Building Automation Systems, SIEM (Splunk, CrowdStrike), network and endpoint security tools, firewalls (Palo Alto, Meraki, Cisco, Ruckus), Citrix, as well as WVD/Workspaces.
7. Competence in email security tools and flow (DKIM, DMARC)
8. Demonstrated history of providing compute and networking infrastructure to underpin business initiatives.
9. Ability to perform initial triage on security incidents.
10. Capable of supporting transient network challenges and making real-time decisions to maintain continual business operations, while promptly communicating issues.
11. Competence in tracking and reporting key performance indicators for network and cloud system availability.
12. Outstanding verbal and written communication skills, with the capacity to effectively convey information to non-technical audiences; strong persuasive abilities to gain trust across all organizational levels.
13. Effective at prioritizing, organizing, and communicating multiple projects of varying complexity, often under tight deadlines.
14. Able to excel both independently and as part of a team.
15. Willingness to adapt to change, quickly learn new software, and embrace emerging technologies.

OR

Any equivalent combination of education, training and/or experience that fulfills the requirements of the position will be considered.

The compensation range for this position is $130,000 to $160,000 annually. This position is also eligible for an annual performance bonus. Please note that the compensation range information provided is a general guideline. It is uncommon for an individual to be hired at or near the top of the range for their role and compensation decisions are dependent on a variety of factors. JBG SMITH considers factors such as (but not limited to) scope and responsibilities of the position, candidate's work experience, candidate's work location, education/training, key skills, internal peer equity, external market data, as well as market and business considerations when making compensation decisions.

JBG SMITH is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, age, status as a protected veteran, disability, sexual orientation, genetic information or any other protected class, in accordance with applicable law.