IT Security Analyst

Fmi•Denver, CO

9d•$80,000 - $100,000•Hybrid

About The Position

FMI is the leading consulting and investment banking firm dedicated exclusively to the built environment. For over 70 years, we have partnered with organizations across engineering and construction, infrastructure, and related industries to deliver deep industry expertise, trusted advisory services, and forward-looking insights. With a national and international footprint, FMI helps clients shape their strategies, strengthen their businesses, and achieve their goals in a rapidly changing world. FMI Corporation is seeking an IT Security Analyst to join our Corporate Services team. This mid-level role focuses on daily security monitoring, incident response, identity and access management, vulnerability management, and supporting FMI's ongoing cybersecurity maturity efforts. The position will report to the Director of IT and Security and will work closely with FMI's IT Systems Engineer, internal IT team members, and external security partners. The ideal candidate will have 3-5 years of hands-on security or IT operations experience, strong analytical skills, and a passion for advancing security best practices across the organization. This is a full-time job based in our Denver office, in Cherry Creek, with an expectation of being on-site at least 3 days per week aligned with FMI's hybrid work model. Applicants must be legally authorized to work in the U.S. on a full-time basis. FMI is unable to provide visa sponsorship—including H-1B or STEM OPT—at this time.

Requirements

Bachelor's degree in information security, computer science, or related field (or equivalent experience).
3-5 years of experience in information security, IT operations, or system administration.
Experience managing Microsoft 365 Defender, Cisco Secure Endpoint, and SIEM systems.
Familiarity with NIST or ISO 27001 frameworks, incident response processes, and vulnerability management.
Exposure to compliance programs such as NIST CSF, ISO 27001, or SOC 2.
Scripting or automation experience (PowerShell or Python).
CompTIA Security+, Microsoft SC-200, or CySA+ preferred (required within 6 months of hire)
Ability to work both independently and collaboratively in a small team environment.
Strong documentation, reporting, and communication skills.
Ability to travel up to 10% to regional offices (Raleigh, Denver, Houston, Tampa).
Ability to perform computer-based work for extended periods and occasionally lift up to 10 lbs.
Must be able to commute to the office three or more days per week.

Nice To Haves

CISSP or similar certifications are a plus.
Lead cross-functional security projects and influence stakeholders.
Tune SIEM rules, build new detections, and onboard log sources.
Translate technical risks into actionable business insights.
Recommend improvements to identity lifecycle and access control processes.
Support tabletop exercises and user awareness initiatives.
Gain exposure to compliance tools such as Vanta or Drata.

Responsibilities

Monitor and investigate alerts from Microsoft 365 Defender, Cisco Secure Endpoint, and SIEM systems.
Monitor failed MFA attempts, risky sign-ins, and conditional access events.
Assist with phishing simulations, user awareness campaigns, and education follow-ups.
Respond to security incidents with triage, containment, documentation, and root-cause analysis.
Assist in migrating email security policies from Cisco ESA to Microsoft Defender and ETD platforms.
Maintain Entra ID configuration, MFA enforcement, and risk-based sign-in policies.
Manage privileged access, break-glass accounts, and role-based access reviews.
Conduct quarterly user and group access reviews for business applications.
Support onboarding/offboarding automation and SSO integrations.
Maintain asset and application inventories to support patching and lifecycle tracking.
Conduct vulnerability scans, validate findings, and monitor remediation efforts.
Collaborate with IT to coordinate monthly patching and report compliance metrics.
Support SIEM operations including log ingestion, correlation, and dashboard maintenance.
Onboard new data sources into SIEM and ensure log health and completeness.
Maintain detection use cases, triage playbooks, and summary reporting.
Maintain accurate security documentation, diagrams, and compliance records.
Collaborate with internal teams to embed security best practices across processes and applications.
Prepare monthly and quarterly summaries of incidents, trends, vulnerabilities, MFA adoption, and risk items for leadership.
Use PowerShell or Python to assist with evidence collection, alert enrichment, and automation.
Develop automation and AI-driven workflows for alert triage, summaries, and reporting.
Evaluate and implement safe, value-adding automation in partnership with the Director of IT and Security.

Benefits

FMI provides a comprehensive benefits package that includes paid employee medical insurance, life insurance, long-term disability, a strong 401(k) plan, PTO, parental leave, and optional benefit elections.

Stand Out From the Crowd

Upload your resume and get instant feedback on how well it matches this job.

Upload and Match Resume