Cybersecurity Analyst - Innovation & Technology Services

City of Savannah•Suite 120, GA

3d•Onsite

About The Position

The City of Savannah is seeking an experienced Cybersecurity Analyst to join our Innovation & Technology Services Department to help strengthen and mature the City's cybersecurity program. This is an exciting opportunity for a cybersecurity professional who wants to move beyond routine security monitoring and become an integral part of a growing security program that protects critical public services, municipal operations, sensitive data, and essential technology infrastructure. Reporting directly to the Manager of Cybersecurity and Data, the Cybersecurity Analyst will work closely with the Cybersecurity Engineer and technology teams within Innovation & Technology Services to enhance the City's cybersecurity posture, support regulatory compliance initiatives, and defend against an evolving threat landscape. The new Cybersecurity Analyst will provide guidance for cybersecurity compliance and data protection concerning the City's digital assets. Your primary responsibilities include monitoring, detecting, and responding to potential security incidents, as well as analyzing SIEM events for suspicious activities and potential incidents. As the Cybersecurity Analyst, you will assist senior-level IT Security staff in incident response detection and escalation. Additionally, the Cybersecurity Analyst will contribute to the threat detection and prevention program by maintaining and analyzing repositories, validating threat information, and aiding in appropriate actions. The Cybersecurity Analyst role involves assisting in the management and tunning of tools and resources used by the Cybersecurity team for countermeasures against cyber incidents. The Cybersecurity Analyst will ensure adherence to the security frameworks, NIST 800-171, and all regulatory requirements required of the city. Cybersecurity is essential to protecting the systems and services that residents, businesses, and employees rely upon every day. As a Cybersecurity Analyst, you'll help defend critical public infrastructure, strengthen the City's cybersecurity posture, and contribute to meaningful work that impacts the entire community. Join a forward-thinking technology team where your expertise will help secure the future of local government services while providing opportunities for professional growth, collaboration, and innovation.

Requirements

Associate’s degree in computer science, Information Systems or Business Administration; plus two years of increasingly responsible experience in Information Systems; or any equivalent combination of education, training, and experience.
Excellent communications (verbal and written), organizational, and problem-solving skills.
Solid understanding of the organization’s goals and objectives.
Knowledge of information technology standards, trends, management, and security principles.
Knowledge in network security related to operating systems, networks and databases both on premise and hosted/cloud based
Knowledge of Linux, Windows, and MAC Operating Systems
Knowledge in Web application firewalls
Knowledge, skill, and ability to understand and implement security policies for compliance standards such as PCI, CJIS, HIPAA, and NIST.
Knowledge in cloud-based security including policy, roles, network and systems administration and controls, virtual services and cloud controls.
Knowledge with Incident Management and the ability to assist in managing an active event
Skill in oral and written communication.
Skill in researching new technologies and evaluating new systems.
Skill with coding languages
Skill in architecting, installing and maintaining security infrastructure
Skill in disaster recovery planning, preparedness and restoration
Ability to follow a project management methodology
Ability to stay up to date and apply current industry trends and best practices to the current environment.
Ability to follow a change control program.
Ability to work with Manager of Cybersecurity and Data to identify risk and provide recommendations for path forward and remediations for current technologies.

Nice To Haves

CompTIA Security+ Certification, GSEC, CISSP
Proven analytical and problem-solving abilities.
Ability to present ideas in a business-friendly and user-friendly language.
Highly self-motivated and directed.
Capable of meeting standards in at-paced work environment, able to identify a sense of urgency while still staying calm and professional.

Responsibilities

Monitor and Analyze IT resources using security tools such as SIEM to find and mitigate incidents.
Analyze suspicious activities and finding their source.
Part of Response Team when potential security incidents are detected.
Acts as a first responder to security incidents by investigating, containing and mitigating threats in real time, while also escalating to lead team members as needed.
Use tools and resources for threat hunting and put proactive measures in place.
Aid in managing and maintaining a robust vulnerability management program for the organization's assets.
Assist senior team members with tuning, managing and engineering resources necessary to perform counter measures to manage incidents effectively.
Performs Intrusion Detection and Prevention by proactively searching for threats
Log Analysis
Aids in the protection of Data Security through access management, transmission controls, CIA Triad.
Assists with enforcing the Cybersecurity Program Plan and its initiatives.