Cybersecurity Analyst

Company Overview

JRM is one of the top General Contracting and Construction Management Firms with over a decade of trusted experience. Headquartered in New York City with offices in New Jersey, California, and Florida, JRM delivers the highest quality services to clients that include City, State & Federal Agencies, Fortune 500 corporations, respected property owners & developers, major law firms, media & tech firms, leading luxury retailers, renowned hospitality groups, life sciences & healthcare organizations, and financial services firms. JRM knows that dedicated, accomplished employees are the heart of any successful enterprise. We are focused on maintaining a diverse, inclusive, and authentic workplace and are always looking to add passionate personnel to our teams across the US.

Job Summary

We are seeking a Cybersecurity Analyst who combines a strong foundation in Windows-based IT administration with hands-on experience implementing and managing modern information security tools, alongside a governance-focused mindset. This role is critical to the success of our security operations and will play a key part in evaluating, testing, and deploying emerging technologies and new procedures—ensuring JRM remains proactive in an ever-evolving cybersecurity landscape. The ideal candidate is not only technically proficient but also highly organized, with the ability to manage multiple priorities, maintain detailed documentation, and uphold structured workflows.

Reporting directly to the Manager of Information Security, this position offers an exciting opportunity for a security-minded technologist to thrive within a forward-thinking program that values agility, operational excellence, and continuous improvement.

Responsibilities

Governance & Risk Management:

• Assist in developing, documenting, and enforcing cybersecurity policies, standards, and control procedures.


• Support alignment with frameworks such as NIST CSF, ISO 27001, and CIS Controls.


• Maintain the security risk register and participate in risk assessments and remediation tracking.

Windows IT Administration & Hardening:

• Leverage expertise in Windows Server, Active Directory, DNS, Group Policy, and PowerShell for secure system administration.


• Work with the IT and infrastructure teams to ensure secure configurations and compliance enforcement across the environment.


• Assist with endpoint management and compliance leveraging modern UEM, MDM, and EDR tools.

Identity Security & Access Management:

• Support identity governance practices, privileged access controls, phishing resistant MFA, and conditional access policy development across Microsoft Entra ID and other third-party IdPs.


• Participate in lifecycle management processes including secure onboarding and offboarding.

Phishing Defense & Awareness:

• Operate a phishing simulation and security awareness platform phishing simulations and report on campaign effectiveness.


• Triage user-reported phishing attempts and maintain IT communication templates and user education content.

Innovation & Emerging Technology Evaluation:

• Participate in research, testing, and proof-of-concept (PoC) efforts for new cybersecurity tools, technologies, and frameworks.


• Support deployment of new technologies and procedures that improve detection, prevention, and governance.


• Provide technical input and analysis for tool evaluations, pilots, and strategic initiatives.

Qualifications

• 3+ years of IT administration experience with a strong focus on Windows environments.


• Familiarity with Microsoft 365, Entra ID (Azure AD), third-party IDP providers, Intune, and modern endpoint security tools.


• Understanding of cybersecurity frameworks and governance models (NIST CSF, ISO 27001, CIS).


• Analytical, collaborative, and adaptable mindset with strong documentation skills.


• Experience evaluating, piloting, or deploying emerging cybersecurity tools and cloud security solutions.


• Hands-on experience implementing or managing a SIEM solution.


• Exposure to automation and SOAR platforms.


• Experience in risk assessments, audit preparation, or compliance reporting.


• Familiarity with languages such as Python, C/C++, JavaScript, SQL, Java, PHP, PowerShell, or Bash/Shell, supporting tasks ranging from system-level analysis to web or database security.

Salary Information

• To the extent this position is performed in New York City, the annual salary range for this role is $90,000-$110,000.

Why Join Us

• Help shape a modern, forward-looking security program.


• Contribute to strategic initiatives and work closely with leadership.


• Gain exposure to emerging technologies and have a direct impact on operational maturity.

All qualified applicants will receive consideration for employment with JRM without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, veteran status, or other characteristics protected by law. Eligible candidates must be work authorized to work in the United States without the need for employer sponsorship.