Information Security Analyst

Description

Your role at GEI.

As an Information Security Analyst for GEI, you will be responsible for designing, implementing, and managing the organization's information security program with a focus on compliance and risk management. This position requires deep expertise in industry-standard frameworks such as NIST, CMMC, SOC-2, or equivalent, and benefits from hands-on IT Systems Administration experience. The analyst will work cross-functionally to protect sensitive data, maintain regulatory compliance, and mitigate security risks in a dynamic technology environment. The successful candidate will be well versed in the world of information security and the challenges that network security brings, including an in-depth understanding of a variety of cyber security threats and any other vulnerabilities that may affect GEI.

Essential Responsibilities & Duties

• Provide security administration for all aspects of network operations including firewalls, VPN, routing, switching, network segmentation, wireless, backups, IPSec and content filtering.
• Monitoring security administration to ensure best practices
• Develop, implement, and maintain information security policies, standards, and procedures in alignment with NIST, CMMC, SOC-2, or similar frameworks.
• Lead risk assessments, vulnerability analyses, and security audits to identify and address security gaps.
• Monitor, analyze, and respond to security incidents; coordinate incident response efforts and root cause analysis.
• Collaborate with IT, compliance, legal, and business teams to ensure security controls meet regulatory and organizational requirements.
• Manage and track remediation activities from internal and external audits.
• Oversee third-party vendor risk management and ensure compliance with security requirements.
• Maintain awareness of emerging threats, vulnerabilities, and regulatory requirements, providing recommendations for continuous improvement.
• Train and educate staff on security best practices, policies, and procedures.
• Prepare and present reports to senior management regarding security posture, risk, and compliance status.
• Leverage IT Systems Administration expertise to support security architecture, incident response, and technical troubleshooting across servers, networks, endpoints, and cloud environments.

Minimum Qualifications

• Bachelor's degree in Information Technology, Cybersecurity, Computer Science, or a related field; advanced degree or certifications (CISSP, CISM, etc.) preferred.
• 6+ years of experience in information security, with demonstrated expertise in NIST, CMMC, SOC-2, or equivalent compliance frameworks.
• In-depth knowledge of IT risk management, security controls, and incident response.
• Experience conducting security assessments, audits, and managing remediation activities.
• Strong analytical, problem-solving, and communication skills.
• Ability to work independently and collaboratively in a fast-paced environment.
• Strong attention to detail and organizational skills
• Strong understanding of Active Directory and Group Policy
• Working knowledge of Microsoft 365 environment

Preferred Qualifications:

• Professional certifications such as CISSP, CISM, CISA, or similar.
• Prior experience as an IT Systems Administrator or similar technical role, with hands-on management of servers, networks, endpoints, and cloud platforms.
• Experience with cloud security, endpoint protection, and network security technologies.
• Prior experience supporting CMMC, NIST 800-171/53, or SOC-2 audits and compliance programs.
• Understanding of regulatory requirements in sectors such as healthcare, finance, or government contracting.

We are GEI.

Some of the world's most pressing problems - from climate change to sustainable development, to critical infrastructure and the future of our energy supply - need our brightest and diverse minds working together to create safer, more resilient communities for tomorrow.

We are technical experts, collaborators, and entrepreneurs who draw from diverse backgrounds to solve our clients' most complex challenges.

With several offices across North America, we offer a range of engineering, science, and technical consulting services. Our range of expertise, project types, and culture make us the choice for top talent in the AEC industry. See all our office locations here .

Employee-owned. Employee-focused.

As an employee-owned company, our employees support our flat leadership structure, have a say in how our business operates and benefit from our financial success. We are committed to employee growth with career development opportunities, competitive total rewards, a well-being program, flexible work arrangements and more. Our company culture is driven by our 4 Cs - we are Client-Centered, Curious, Collaborative, and Community Minded - which support our focus on sustainability, safety, diversity, equity and inclusion. Get to know us better by visiting GEI's career site here .

GEI's Total Rewards Package Includes

• Market-Competitive Compensation, including Eligibility for an Annual Performance Bonus
• Pay Range For This Position: $115,000.00 - $125,000.00/year
• Comprehensive Benefits Program, including Medical, Dental, Vision, Life, Disability and More
• Well-Being Program and Paid Parental Leave
• Commuter Benefits
• Hybrid Work Schedules and Cell Phone Stipends
• GEI University (GEIU) with Continuing Education Assistance and Tuition Reimbursement
• Connecting Conversation Program with a Focus on Professional Development and Opportunities for Advancement
• Support and Financial Rewards for Publication Awards, Professional Dues, and Professional Licenses
• Paid Holidays and Generous Paid Time Off Program
• Rewards and Recognition
• GEI-Funded Profit Sharing and 401(k)
• Opportunity to be an Owner and Shareholder (Learn more here )
• A Vibrant Culture that is Focused on Partnership, Sustainability, Giving Back to Our Communities and Diversity, Equity and Inclusion
• And More...

PHYSICAL REQUIREMENTS

WORK ENVIRONMENT

Functional Demands:

Sedentary

x

Light

Medium

Other

Activity Level Throughout Workday (check one per row)

Physical Activity Requirements

Occasional

(0-35% of day)

Frequent

(33-66% of day)

Continuous

(67-100% of day)

Not Applicable

Sitting

x

Standing

x

Walking

x

Climbing

x

Lifting (floor to waist level) (in pounds)

x

Lifting (waist level and above) (in pounds)

x

Carrying objects

x

Push/pull

x

Twisting

x

Bending

x

Reaching forward

x

Reaching overhead

x

Squat/kneel/crawl

x

Wrist position deviation

x

Pinching/fine motor skills

x

Keyboard use/repetitive motion

x

Taste or smell (taste=never)

x

Talk or hear

x

Accurate 20/40

Very Accurate 20/20

Not Applicable

Near Vision

x

Far Vision

x

Yes

No

Not Applicable

Color Discrimination

Sensory Requirements

Minimal

Moderate

Accurate

Not Applicable

Depth perception

x

Hearing

x

Environment Requirements

Occupational Exposure Risk Potential

Reasonably Anticipated

Not Anticipated

Blood borne pathogens

x

Chemical

x

Airborne communicable diseases

x

Extreme temperatures

x

Radiation

x

Uneven surfaces or elevations

x

Extreme noise levels

x

Dust/particulate matter

x

Other (exposure risks):

Usual workday hours :

x

8

10

12

Other work hours

GEI is an AA/equal opportunity employer, including disabled and veterans.