Cybersecurity Assessor
Apply Now!
Back to search
Location: New York, New York
Posted: 4/6/2026
Location Name: New York
Wage Max: 150,000.00 Annual
Wage Min: 90,000.00 Annual
Position Type: Full-Time
COMPANY OVERVIEW
Join our award-winning team at Information Management Resources, Inc. (IMRI), a small business leader in the technology industry known for our commitment to innovation, excellence, and authenticity. Founded in 1992, IMRI has been at the forefront of delivering advanced cybersecurity and IT solutions, safeguarding organizations against evolving threats. We have built a reputation for our expertise in Cybersecurity, Digital Transformation, Strategic Business Consulting, and Staff Augmentation. Guided by our core values of innovation, excellence, and a solution-driven mindset, we have served a diverse portfolio of customers that includes federal agencies, state and local governments, and Fortune 1000 companies.
At IMRI, we recognize the integral part our employees play in our ongoing success. To support this, we offer a comprehensive benefits package, tailored to meet the individual needs of our employees. We are committed to promoting their overall well-being and equipping them with the necessary tools to flourish in their careers. We welcome you to be a part of our ongoing mission as we continue to navigate the digital landscape, committed to empowering organizations with our innovative solutions.
Position: Cybersecurity Assessor
Position Summary: The Cybersecurity Assessor evaluates enterprise systems, networks, and applications to identify vulnerabilities, assess risks, and ensure compliance with security policies and regulatory standards. They provide actionable recommendations and collaborate with technical and business teams to strengthen security controls and reduce organizational risk.
Key Duties and Responsibilities:
Expertise in GRC methodologies, security control auditing, and third-party risk assessments. Proven ability to interpret federal compliance mandates (NIST SP 800-53, 800-37) and evaluate technical and administrative controls. Strong competency in conducting "Security Impact Analyses" and managing Plan of Action and Milestones (POA&M) documentation. Compliance & Assessment Support: Conduct security and compliance assessments across internal systems and third-party vendors, supporting adherence to organizational and regulatory requirements.
Third-Party Risk Assessments: Evaluate the security practices of external service providers and assist with managing vendorrelated risks throughout the assessment of lifecycle.
Findings & Remediation Tracking: Analyze assessment results, document findings, and support remediation efforts by tracking issues and helping teams prioritize corrective actions.
Cross-Functional Coordination: Work with business and technical stakeholders to clarify compliance requirements and support the resolution of identified risks within accepted thresholds.
Risk Documentation & Reporting: Use risk management tools and reporting dashboards to maintain assessment documentation, track risk metrics, and contribute to security posture reporting.
Cross-Functional Synergy: Serve as a bridge between Business Analysts and Cybersecurity Engineers, translating compliance requirements into actionable remediation tasks while maintaining organizational risk thresholds.
GRC Tool Proficiency: Use industry-standard GRC platforms (e.g., Archer, ServiceNow) and Third-Party Risk tools (e.g., OneTrust, Prevalent) to centralize documentation and streamline assessment workflows.
Data-Driven Risk Reporting: Convert complex assessment findings into actionable insights with Power BI and Excel, maintaining dashboards that communicate enterprise security posture to stakeholders.
Security Control Execution & Validation: Perform daily RMF lifecycle control assessments, including evidence collection, walkthroughs, testing of technical/administrative controls, and POA&M tracking to ensure risk remains within tolerance.
Requirements:
5+ years experience in a similar role
Required certifications: CISA, CRISC, CGEIT, CISSP, CompTIA Security+, CCSK, CAP/ISC2 CGRC
Experience with the following technologies: GRC Platforms (Archer/ServiceNow), Third-Party Risk Tools (OneTrust/Prevalent), MS Excel (Advanced), MS Power BI, MS Visio, JIRA, and Microsoft Office Suite.
IMRI offers top-tier benefits that include: medical coverage through nationally recognized carriers, ancillary coverages, paid vacation and sick leave in compliance with all state and local laws, 401(k) with company match, company paid life insurance and LTD, and several additional voluntary coverages.
Pay will be commensurate with the experience, skills, and qualifications that the candidate brings to the position.
EQUAL EMPLOYMENT OPPORTUNITY
EEO/Affirmative Action Statement and Non-Discrimination Policy IMRI is an Equal Employment Opportunity employer committed to maintaining a non-discriminatory, diverse work environment. In accordance with Title VII of the Civil Rights Act of 1964, Section 503 of the Rehabilitation Act of 1973, Vietnam Era Veteran's Readjustment Assistance Act of 1974 (VEVRAA), Americans with Disabilities) (ADA), and other federal, state, and local anti-discrimination laws, IMRI does not unlawfully discriminate against any person on the basis of race, color, religion, sex, national origin, ancestry, genetic information, age, marital status, sexual orientation, physical or mental disability, or status as a special disabled veteran or other veteran. IMRI will take affirmative action to assure equal opportunity for employment is provided with regard to all personnel actions. This is including but not limited to: recruitment, selection, compensation, benefits, training, promotion, demotion, layoff, termination and all other terms and conditions of employment.
Apply Now!
