Cybersecurity Analyst - Innovation & Technology Services
City of Savannah · Savannah, GA · 3 wk ago
Information TechnologyFull-time
Purpose
The City of Savannah is seeking an experienced Cybersecurity Analyst to join their Innovation & Technology Services Department. This role offers an exciting opportunity to strengthen and mature the City's cybersecurity program, supporting regulatory compliance initiatives and defending against evolving threats.
Why Join the City of Savannah?
Cybersecurity is crucial for safeguarding critical public services and infrastructure. As a Cybersecurity Analyst, you'll contribute to securing the future of local government services while fostering professional growth and innovation.
Essential Job Functions
- Monitor and Analyze IT resources using security tools such as SIEM to find and mitigate incidents.
- Analyze suspicious activities and find their source.
- Part of Response Team when potential security incidents are detected.
- Act as a first responder to security incidents by investigating, containing, and mitigating threats in real time, while escalating as needed.
- Use tools and resources for threat hunting and implementing proactive measures.
- Aid in managing and maintaining a robust vulnerability management program for the organization's assets.
- Assist senior team members with tuning, managing, and engineering resources necessary for incident management.
- Perform Intrusion Detection and Prevention by proactively searching for threats.
- Log Analysis.
- Aid in the protection of Data Security through access management, transmission controls, CIA Triad.
- Assist with enforcing the Cybersecurity Program Plan and its initiatives.
Minimum Qualifications
- Associate’s degree in computer science, Information Systems, or Business Administration; plus two years of increasingly responsible experience in Information Systems; or any equivalent combination of education, training, and experience.
- Excellent communications (verbal and written), organizational, and problem-solving skills.
- Solid understanding of the organization’s goals and objectives.
Preferred Qualifications
- Proven analytical and problem-solving abilities.
- Ability to present ideas in a business-friendly and user-friendly language.
- Highly self-motivated and directed.
- Capable of meeting standards in a fast-paced work environment, identifying urgency while remaining calm and professional.
Work Location and Hours
1000 Business Center Dr, Suite 120
8 am - 5 pm, Monday - Friday
Additional Requirements
- Background investigation, including supervised drug screen, post-offer/pre-employment medical screen.
- Verification of education, certifications, and licenses required prior to employment.
City of Savannah Employee Benefits Overview
- Paid Holiday
- Paid Vacation
- Paid Sick Leave
- Defined Benefit Retirement Pension Plan
- Protective Services Retirement Plan (select positions)
- Deferred Compensation Retirement Plan
- Retirement Seminars
- PPO Medical Insurance
- Dental Insurance
- Vision Insurance
- Flexible Spending Accounts
- Wellness Programs
- Health & Wellness Incentives
- Long Term Disability
- Ease of Service Recognition
- Employee Development and In-Service Training
- Education Assistance Program
- Uniform Allowance (select positions)
- Employee Assistance Program
- Discounts and Memberships
- Employee Relations
- Direct Deposit
- Credit Union
- Pretax Parking Deductions
- Employer Assisted Home Purchase Program
- Domestic Partnership Benefits
- Healthcare PPO Medical Plus Plan
- Healthcare PPO Medical Basic Plan
- Healthcare Dental Plus Plan
- Healthcare Dental Basic Plan
- Healthcare Vision Service Plan
- Life Insurance Basic Life and ADD Supplemental Life
- Employee Supplemental Life
- Spouse Supplemental Life
- Child Benefits
Required Questions
- Do you have a valid driver's license?
- Do you have an Associate’s degree in computer science, Information Systems or Business Administration; plus two years of increasingly responsible experience in Information Systems; or any equivalent combination of education, training, and experience to perform the job?
- Supplemental Question 1: Describe your experience monitoring security events, alerts, or logs within a cybersecurity, network, or IT environment. Include any SIEM, EDR, vulnerability management, or security monitoring tools you have used and explain how you identified and responded to potential threats.
- Supplemental Question 2: Describe a cybersecurity incident, security event, or technical issue that you investigated. What was your role, what actions did you take to contain and mitigate the issue, and what lessons were learned?
- Supplemental Question 4: Describe your experience with cybersecurity policies, compliance standards, risk assessments, vulnerability management, or security audits. Include your specific responsibilities and contributions.
- Supplemental Question 5: Describe a situation where you explained a cybersecurity risk, vulnerability, or security recommendation to management, end users, or other stakeholders. How did you ensure your message was understood and what was the outcome?