Compensation Range (Colorado only):

$72,390-$80,010

Any Employment Offers are Contingent Upon Successful Completion of the Following:

Verification of Work Authorization and Employment Eligibility  Substance Abuse Screening Physical Exam (if applicable) Background Checks for Badging/Security Clearances (if applicable)

 

About Hensel Phelps:

Founded in 1937, Hensel Phelps specializes in building development, construction and facility services in markets ranging from aviation to government, commercial, transportation, critical facilities, healthcare and transportation. Ranked #1 in aviation and #12 overall general contractor in 2021 by ENR, Hensel Phelps is one of the largest employee-owned general contractors in the country. Driven to deliver EXCELLENCE in all we do and supported by our core values of Ownership, Integrity, Builder, Diversity and Community—Hensel Phelps brings our clients’ visions to life with a comprehensive approach that begins with innovative planning and extends throughout the life of the property.

 

Position Description:

The Security Analyst performs two core functions for the enterprise. The first is the day-to-day operations of the in-place security solutions while the second is the identification, investigation, and resolution of security breaches detected by those systems. Secondary tasks may include involvement in the implementation of new security solutions, participation in the creation and or maintenance of policies, standards, baselines, guidelines, and procedures as well as conducting vulnerability audits and assessments. The Security Analyst is expected to be fully aware of the enterprise’s security goals as established by its stated policies, procedures, and guidelines and to actively work towards upholding those goals.

 

Position Qualifications:

College diploma or university degree in Computer Science and/or two years equivalent work experience. One or more of the following certifications: CompTIA Security+; GIAC Information Security Fundamentals; Microsoft Certified Systems Administrator: Security; Associate of (ISC)2 Experience with Microsoft 365 and Azure Security, and Cisco technologies. Working technical knowledge of networking, TCP/IP, and subnetting.   Strong understanding of DNS, DHCP, URL Filtering, vulnerability concepts. Familiarity with threat hunting, phishing, vishing, MITRE ATTACK Framework, and hacking techniques. Proven analytical and problem-solving abilities. Ability to effectively prioritize and execute tasks in a high-pressure environment. Good written, oral, and interpersonal communication skills. Ability to conduct research into IT security issues and products as required. Ability to present ideas in business-friendly and user-friendly language. Highly self-motivated and directed. Keen attention to detail. Team-oriented and skilled in working within a collaborative environment.

 

Essential Duties:

Participate in the planning and design of enterprise security architecture, under the direction of the IT Security Manager, where appropriate. Participate in the creation of enterprise security documents (policies, standards, baselines, guidelines, and procedures) under the direction of the IT Security Manager, where appropriate. Maintain up-to-date detailed knowledge of the IT security industry including awareness of new or revised security solutions, improved security processes, and the development of new attacks and threat vectors. Recommend additional security solutions or enhancements to existing security solutions to improve overall enterprise security. Participate in the deployment, integration, and initial configuration of all new security solutions and of any enhancements to existing security solutions in accordance with standard best operating procedures generically and the enterprise’s security documents specifically. Monitor all in-place security solutions for efficient and appropriate operations. Review logs and reports of all in-place devices, whether they be under direct control (i.e. security tools) or not (e.g. workstations, servers, network devices). Interpret the implications of that activity and devise plans for appropriate resolution. Participate in investigations into problematic activity. Participate in the design and execution of vulnerability assessments, penetration tests, and security audits. Provide on-call support for end users for all in-place security solutions.

 

Benefits:

Hensel Phelps provides generous benefits for our salaried employees. This position is eligible for company paid medical insurance, life insurance, accidental death & dismemberment, long-term disability, 401(K) retirement plan, health savings account (HSA) (HSA not available in Hawaii), and our employee assistance program (EAP). It also is eligible for employee paid enrollment in vision and dental insurance. Hensel Phelps also believes in the importance of taking time to recharge. As a result, salaried employees are eligible for paid time off beginning upon hire. Salaried positions (project engineers and above) participate in an annual bonus plan, subject to company and employee performance. Salaried employees (this is all salaried employees) are also eligible for a company cell phone or cell phone allowance in accordance with company policy. Further, salaried employees (project engineers and above) also receive either a vehicle or vehicle allowance in accordance with Hensel Phelps’ policies.  Based on position location, a cost of living adjustment (COLA) may also be included (subject to periodic review and adjustment).   

 

Equal Opportunity and Affirmative Action Employer:

Hensel Phelps is an equal opportunity and affirmative action employer.  Hensel Phelps shall not discriminate against any employee or applicant for employment on the basis of race, color, religion, sex, age, national origin, sexual orientation, gender identity and expression, domestic partner status, pregnancy, disability, citizenship, genetic information, protected veteran status, or any other characteristic protected by federal, state, or local law.

The contractor will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with the contractor’s legal duty to furnish information. 41 CFR 60-1.35(c)