Cybersecurity Analyst - Innovation & Technology Services

Georgia Government

IL

JOB DETAILS
SKILLS
Analysis Skills, Background Investigation, Best Practices, Business Administration, CISSP - Certified Information Systems Security Professional, Change Control, Cloud Computing, Cloud-Based Hosting, CompTIA Security+, Computer Programming, Computer Science, Computer Security, Data Management, Data Quality, Disaster Recovery, Engineering Management, Event Management, Firewalls, GSEC - GIAC Security Essentials Certification, HIPAA (Health Insurance Portability and Accountability Act), Hunting, Incident Management, Incident Response, Industry/Trade Analysis, Information Systems/Technology IS/IT Administration, Information Technology & Information Systems, Information/Data Security (InfoSec), Internet Application, Internet Security, Intrusion Detection and Prevention (IDP), Linux Operating System, Local Government, Mac Operating System, Maintain Compliance, Microsoft Windows Operating System, Network Administration/Management, Network Security, Network Systems, Organizational Development/Management, PCI, People Management, Policy Implementation, Presentation/Verbal Skills, Preventative Maintenance, Problem Solving Skills, Program Planning, Project/Program Management, Regulatory Compliance, Regulatory Requirements, Research Skills, Resource Management, Risk Analysis, Security Information and Event Management (SIEM), Security Infrastructure, Security Monitoring, Systems Administration/Management, Team Lead/Manager, Technical Research, Trend Analysis, U.S. National Institute of Standards and Technology (NIST), Writing Skills
LOCATION
IL
POSTED
8 days ago

Purpose

Why This Opportunity is Unique

The City of Savannah is seeking an experienced Cybersecurity Analyst to join our Innovation & Technology Services Department to help strengthen and mature the City's cybersecurity program. This is an exciting opportunity for a cybersecurity professional who wants to move beyond routine security monitoring and become an integral part of a growing security program that protects critical public services, municipal operations, sensitive data, and essential technology infrastructure.

Reporting directly to the Manager of Cybersecurity and Data, the Cybersecurity Analyst will work closely with the Cybersecurity Engineer and technology teams within Innovation & Technology Services to enhance the City's cybersecurity posture, support regulatory compliance initiatives, and defend against an evolving threat landscape.

The new Cybersecurity Analyst will provide guidance for cybersecurity compliance and data protection concerning the City's digital assets. Your primary responsibilities include monitoring, detecting, and responding to potential security incidents, as well as analyzing SIEM events for suspicious activities and potential incidents. As the Cybersecurity Analyst, you will assist senior-level IT Security staff in incident response detection and escalation. Additionally, the Cybersecurity Analyst will contribute to the threat detection and prevention program by maintaining and analyzing repositories, validating threat information, and aiding in appropriate actions. The Cybersecurity Analyst role involves assisting in the management and tuning of tools and resources used by the Cybersecurity team for countermeasures against cyber incidents. The Cybersecurity Analyst will ensure adherence to the security frameworks, NIST 800-171, and all regulatory requirements required of the City.

Why Join the City of Savannah?

Cybersecurity is essential to protecting the systems and services that residents, businesses, and employees rely upon every day. As a Cybersecurity Analyst, you'll help defend critical public infrastructure, strengthen the City's cybersecurity posture, and contribute to meaningful work that impacts the entire community.

Join a forward-thinking technology team where your expertise will help secure the future of local government services while providing opportunities for professional growth, collaboration, and innovation.

We offer great pay, excellent benefits to include medical, dental, and vision plans, life insurance, employee/spouse/child supplemental life insurance, short-term disability, tuition reimbursement, wellness programs, deferred compensation plan (457 B), pension plan, flexible spending account, home purchase assistance and 12 paid holidays!

Women, Minorities, and Veterans Are Encouraged to Apply

Essential Job Functions

  • Monitor and analyze IT resources using security tools such as SIEM to find and mitigate incidents.
  • Analyze suspicious activities and find their source.
  • Part of Response Team when potential security incidents are detected.
  • Acts as a first responder to security incidents by investigating, containing and mitigating threats in real time, while also escalating to lead team members as needed.
  • Use tools and resources for threat hunting and put proactive measures in place.
  • Aid in managing and maintaining a robust vulnerability management program for the organization's assets.
  • Assist senior team members with tuning, managing and engineering resources necessary to perform counter measures to manage incidents effectively.
  • Performs Intrusion Detection and Prevention by proactively searching for threats.
  • Log Analysis
  • Aids in the protection of Data Security through access management, transmission controls, CIA Triad.
  • Assists with enforcing the Cybersecurity Program Plan and its initiatives.

Minimum Qualifications

  • Associate's degree in Computer Science, Information Systems or Business Administration; plus two years of increasingly responsible experience in Information Systems; or any equivalent combination of education, training, and experience.
  • Excellent communications (verbal and written), organizational, and problem-solving skills.
  • Solid understanding of the organization's goals and objectives.
  • CompTIA Security+ Certification, GSEC, CISSP

PREFERRED QUALIFICATIONS:

  • Proven analytical and problem-solving abilities.
  • Ability to present ideas in a business-friendly and user-friendly language.
  • Highly self-motivated and directed.
  • Capable of meeting standards in a fast-paced work environment, able to identify a sense of urgency while still staying calm and professional.

Work Location: 1000 Business Center Dr, Suite 120

Work Hours: 8 am - 5 pm, Monday - Friday

Additional Requirements:

Background investigation, including supervised drug screen, post offer/pre-employment medical screen; and verification of education, certifications, and licenses required prior to employment.

Additional Information

  • Knowledge of information technology standards, trends, management, and security principles.
  • Knowledge in network security related to operating systems, networks and databases, both on premise and hosted/cloud based.
  • Knowledge of Linux, Windows, and Mac Operating Systems
  • Knowledge in Web application firewalls
  • Knowledge, skill, and ability to understand and implement security policies for compliance standards such as PCI, CJIS, HIPAA, and NIST.
  • Knowledge in cloud-based security including policy, roles, network and systems administration and controls, virtual services and cloud controls.
  • Knowledge with Incident Management and the ability to assist in managing an active event
  • Skill in oral and written communication.
  • Skill in researching new technologies and evaluating new systems.
  • Skill with coding languages
  • Skill in architecting, installing and maintaining security infrastructure
  • Skill in disaster recovery planning, preparedness and restoration
  • Ability to follow a project management methodology
  • Ability to stay up to date and apply current industry trends and best practices to the current environment.
  • Ability to follow a change control program.
  • Ability to work with Manager of Cybersecurity and Data to identify risk and provide recommendations for path forward and remediations for current technologies.

About the Company

Georgia Government