Senior Manager, Security Engineering

Build the future, spark innovation and align your career with purpose.

McKinstry is innovating the waste and climate harm out of the built environment and creating lasting impact. Together, we’re building a thriving planet.

Buildings are a leading contributor to the climate crisis, generating nearly 40% of total global energy-related carbon emissions. We’re making a lasting impact on our industry and within our communities by addressing the climate, affordability and equity crises through:

• renewables and energy services
• engineering and design
• construction and facility services

To get where we’re going, we need big thinkers, problem solvers and collaborative mindsets. Does that sound like you?               

The Opportunity with McKinstry

We are seeking a Senior Manager, Security Engineering to serve as McKinstry’s senior owner of security engineering — a role that sits at the intersection of hands-on technical depth and forward-looking people leadership. This is a critical, senior-level position responsible for designing, building, and governing McKinstry’s security engineering capabilities across application security, security architecture, network security, and the rapidly evolving domain of AI security.

This role owns the question “is security built in?” While the CISO sets vision and engages at the board and executive level, the Senior Manager, Security Engineering ensures McKinstry’s security is embedded by design: applications are built securely from the start, architecture decisions are reviewed and signed off with a security lens, network infrastructure is hardened and consistently governed, and AI-driven systems are assessed for the unique risks they introduce.

This role manages and develops a Security Engineering team that includes a dedicated AI Security Engineer — and actively represents the security engineering function on McKinstry’s Security, Legal, and Governance committees for AI Security, with regular C-suite briefings on program status and risk posture.

This role is ideal for a seasoned security engineer or architect who is ready to step into formal people leadership — someone who can hold their own technically across application, network, cloud, and AI security domains, while driving a team and a program forward with clarity and accountability.

In this role, you will:

•        Own McKinstry’s security engineering program — leading the design, implementation, and continuous improvement of security and security AI capabilities, controls, and automation across the organization.

•        Lead the application security program, embedding secure-by-design principles across the SDLC and partnering with development and product teams to shift security left.

•        Set and enforce McKinstry’s security architecture standards, conducting threat modeling and providing security sign-off on new systems, platforms, and cloud deployments.

•        Govern network security posture across on-premises, Azure, and hybrid environments, partnering with IT Infrastructure and Cloud Engineering on segmentation, firewall policy, and SASE.

•        Manage and develop the AI Security Engineer, directing AI/ML security assessments, MCP server security reviews, and AI agent risk evaluations across the organization.

•        Sit on McKinstry’s Security, Legal, and Governance committees for AI Security and deliver regular security engineering updates to the C-suite.

Key Responsibilities

Strategic Security Leadership & Executive Partnership

•        Partner with the CISO to shape McKinstry’s security engineering strategy, ensuring the engineering program is aligned to organizational risk priorities and business objectives.

•        Sit on McKinstry’s Security, Legal, and Governance committees for AI Security — representing the security engineering perspective and ensuring AI risk is appropriately governed.

•        Deliver regular security engineering updates to the C-suite, translating technical program status, risk posture, and investment needs into clear business language.

•        Represent the security engineering function in cross-functional leadership forums, architecture review boards, and executive-level discussions.

•        Contribute to board-level security reporting, including updates on engineering program health, vulnerability trends, architecture maturity, and AI security posture.

•        Translate McKinstry’s business and product growth objectives into security engineering requirements, ensuring security scales with the organization.

Core Domains of Responsibility:

This role leads the organization’s security engineering capabilities across these core domains:

Security Engineering & Design

•      Lead the design, implementation, and continuous improvement of the organization’s security engineering capabilities, controls, and automation

•      Own the security engineering roadmap, translating strategic risk priorities into actionable technical initiatives

•      Drive integration of security tooling, APIs, and automation pipelines across the security stack (SIEM, EDR, SOAR, vulnerability management)

•      Establish and maintain engineering standards, peer review processes, and quality gates for security solutions

Application Security

•      Lead the application security program, embedding secure-by-design principles across the software development lifecycle (SDLC)

•      Define and enforce secure coding standards, SAST/DAST tooling, dependency scanning, and code review requirements

•      Conduct and oversee application security assessments, penetration testing coordination, and remediation tracking

•      Partner with development and product teams to deliver security training and shift-left security practices

Security Architecture

•      Develop and maintain the organization’s security reference architecture, aligned to Zero Trust, defense-in-depth, and least-privilege principles

•      Review and provide security sign-off on architecture designs for new systems, platforms, integrations, and cloud deployments

•      Lead threat modeling exercises for high-risk systems, new product features, and major infrastructure changes

•      Ensure security architecture decisions are documented, communicated, and embedded into engineering standards

Network Security

•      Oversee the security posture of network infrastructure, including segmentation, perimeter controls, and secure remote access

•      Ensure network security standards are applied consistently across on-premises, cloud (Azure), and hybrid environments

•      Partner with IT Infrastructure and Cloud Engineering on firewall policy, VPN, SASE, and micro-segmentation initiatives

•      Review and approve network architecture changes with a security lens, maintaining current network security documentation

AI Security Leadership

•      Manage and develop Security Engineers, providing technical direction and leadership direction, including hiring coaching, performance management and career development

•      Maintain working knowledge of the OWASP AI Security Top 10 and apply it to the organization’s AI system risk reviews

•      Provide security oversight for Model Context Protocol (MCP) server deployments, including access controls, data exposure risks, and integration security

•      Ensure AI agent architectures are reviewed for security risks including prompt injection, data leakage, and unintended autonomous actions

•      Incorporate AI security alerting and monitoring requirements into the broader security operations and detection strategy

•      Stay current with emerging AI Security technologies and vulnerabilities

What You Need to Succeed at McKinstry

You don’t need to check every box below. We value significant relevant experience and encourage applicants who meet several of the qualifications to also apply. All applications will be reviewed, and the most qualified candidates will be considered for the next steps.

Experience

•      10 years of experience in cybersecurity, with 7 years in security engineering, application security, or security architecture roles

•      7 years in a people management or technical lead capacity within a security engineering or product security function

•      Demonstrated experience delivering security engineering programs across multiple domains (application, network, cloud)

Technical Expertise

•      Familiarity of AI agent security risks including prompt injection, unintended autonomy, and data exposure in agentic workflows

•      Strong hands-on background in application security — SDLC integration, SAST/DAST tooling, secure code review, and penetration testing coordination

•      Proficiency in security architecture design and documentation, including Zero Trust, defense-in-depth, and least-privilege frameworks

•      Working knowledge of network security controls, segmentation, firewall policy, VPN, and SASE architectures

•      Experience with cloud security engineering in hybrid environments — Azure expertise strongly preferred

•      Familiarity with scripting and automation relevant to security engineering (Python, PowerShell, Bash, or equivalent)

•      Working knowledge of the OWASP AI Security Top 10 and AI/ML system risk assessment approaches

•      Familiarity with Model Context Protocol (MCP) server architecture and associated security considerations

Governance & Frameworks

•      Working knowledge of NIST CSF, ISO 27001, SOC 2, and applicable regulatory and compliance requirements

•      Experience with threat modeling methodologies (STRIDE, PASTA, or equivalent) applied to complex system designs

Certifications (Preferred)

•      CISSP or CISM — required or in progress

•      CSSLP, GWEB, or equivalent application security certification a strong plus

•      Cloud security certifications (e.g., AZ-500, CCSP) valued

Leadership & Communication

•      Proven ability to manage, mentor, and grow technical security engineering talent

•      Strong communication skills — able to translate engineering risk into business impact for executive and non-technical audiences

•      Collaborative mindset with experience partnering across development, infrastructure, and product teams

•      Some travel required to job sites, vendor meetings, or industry conferences

PeopleFirst Benefits

When it comes to the basics, we have you covered:

• Competitive pay
• 401(k) with employer match and profit-sharing plan
• Paid time off and holidays
• Comprehensive medical, prescription, dental, and vision with low or zero deductible options and low out of pocket maximums

People come first at McKinstry, and we go beyond the basic benefits with:

• Family formation benefits, including adoption and IVF assistance
• Up to 16 weeks paid parental leave
• Transgender inclusive benefits
• Commuter benefits
• Pet insurance
• “Building Good” paid community service time
• Learning and advancement opportunities via McKinstry University
• McKinstry Moves onsite gyms or reimbursement for remote workers

See benefit plan documents for complete details.

If you’re driven by our vision to build a thriving planet together, McKinstry is the place to build your career.

The pay range for this position is $137,880 - $240,400 per year; however, base pay offered may vary depending on job-related knowledge, skills, and experience. Base pay information is based on market location. A bonus may be provided as part of the compensation package, in addition to a full range of medical, financial, and/or other benefits, dependent on the position offered.

The McKinstry group of companies are equal opportunity employers. We are committed to providing equal employment opportunities to all employees and qualified applicants without regard to sex, gender identity, sexual orientation, age, race, color, creed, marital status, national origin, disability, veteran status, genetic information or any other basis protected by law. This policy applies to all terms and conditions of employment including, but not limited to employment, advancement, assignment, and training. This commitment to Equal Employment Opportunity is made equally as a social responsibility and as an economic and business necessity.

McKinstry is a drug-free workplace. Employment is contingent upon successfully passing a pre-employment drug and alcohol test, complying with the requirements of the Immigration Reform and Control Act and a Confidentiality Agreement, in addition to successful outcomes of background and reference checks.

Applicants for this role will only be considered if they possess current US Work Authorization, and do not require employer-sponsored VISA support to begin or remain in this role.

#LI-NW1

Salary : $137,880 - $240,400