Cybersecurity Analyst - Innovation & Technology Services

Cybersecurity Analyst - Innovation & Technology Services

Salary

$72,718.00 Annually

Location

1000 Business Center Drive, Suite 120, GA

Job Type

Full-Time Permanent

Job Number

2603272

Department

Innovation + Technology Services

Opening Date

06/23/2026

Closing Date

7/5/2026 11:59 PM Eastern

• Description
• Benefits
• Questions

Purpose

Why This Opportunity is Unique

The City of Savannah is seeking an experienced Cybersecurity Analyst to join our Innovation & Technology Services Department to help strengthen and mature the Citys cybersecurity program. This is an exciting opportunity for a cybersecurity professional who wants to move beyond routine security monitoring and become an integral part of a growing security program that protects critical public services, municipal operations, sensitive data, and essential technology infrastructure.

Reporting directly to the Manager of Cybersecurity and Data, the Cybersecurity Analyst will work closely with the Cybersecurity Engineer and technology teams within Innovation & Technology Services to enhance the Citys cybersecurity posture, support regulatory compliance initiatives, and defend against an evolving threat landscape.

The new Cybersecurity Analyst will provide guidance for cybersecurity compliance and data protection concerning the Citys digital assets. Your primary responsibilities include monitoring, detecting, and responding to potential security incidents, as well as analyzing SIEM events for suspicious activities and potential incidents. As the Cybersecurity Analyst, you will assist senior-level IT Security staff in incident response detection and escalation. Additionally, the Cybersecurity Analyst will contribute to the threat detection and prevention program by maintaining and analyzing repositories, validating threat information, and aiding in appropriate actions. The Cybersecurity Analyst role involves assisting in the management and tunning of tools and resources used by the Cybersecurity team for countermeasures against cyber incidents. The Cybersecurity Analyst will ensure adherence to the security frameworks, NIST 800-171, and all regulatory requirements required of the city.

Why Join the City of Savannah?

Cybersecurity is essential to protecting the systems and services that residents, businesses, and employees rely upon every day. As a Cybersecurity Analyst, youll help defend critical public infrastructure, strengthen the Citys cybersecurity posture, and contribute to meaningful work that impacts the entire community.

Join a forward-thinking technology team where your expertise will help secure the future of local government services while providing opportunities for professional growth, collaboration, and innovation.

We offer great pay, excellent benefits to include medical, dental, and vision plans, life insurance,employee/spouse/childsupplemental life insurance, short-term disability, tuition reimbursement,wellness programs, deferred compensationplan (457 B), pension plan, flexible spending account,home purchase assistance and 12 paid holidays!

Women, Minorities, and Veterans Are Encouraged to Apply

Essential Job Functions

• Monitor and Analyze IT resources using security tools such as SIEM to find and mitigate incidents.
• Analyze suspicious activities and finding their source.
• Part of Response Team when potential security incidents are detected.
• Acts as a first responder to security incidents by investigating, containing and mitigating threats in real time, while also escalating to lead team members as needed.
• Use tools and resources for threat hunting and put proactive measures in place.
• Aid in managing and maintaining a robust vulnerability management program for the organizations assets.
• Assist senior team members with tuning, managing and engineering resources necessary to perform counter measures to manage incidents effectively.
• Performs Intrusion Detection and Prevention by proactively searching for threats
• Log Analysis
• Aids in the protection of Data Security through access management, transmission controls, CIA Triad.
• Assists with enforcing the Cybersecurity Program Plan and its initiatives.

Minimum Qualifications

• Associate's degree in computer science, Information Systems or Business Administration; plus two years of increasingly responsible experience in Information Systems; or any equivalent combination of education, training, and experience.
• Excellent communications (verbal and written), organizational, and problem-solving skills.
• Solid understanding of the organization's goals and objectives.
• CompTIA Security+ Certification, GSEC, CISSP

PREFERRED QUALIFICATIONS:

• Proven analytical and problem-solving abilities.
• Ability to present ideas in a business-friendly and user-friendly language.
• Highly self-motivated and directed.
• Capable of meeting standards in at-paced work environment, able to identify a sense of urgency while still staying calm and professional.

Work Location: 1000 Business Center Dr, Suite 120 Work Hours: 8 am - 5 pm, Monday - Friday

Additional Requirements:

Background investigation, including supervised drug screen, post offer/pre-employment medical screen; and verification of education, certifications, and licenses required prior to employment

Additional Information

• Knowledge of information technology standards, trends, management, and security principles.
• Knowledge in network security related to operating systems, networks and databases both on premise and hosted/cloud based
• Knowledge of Linux, Windows, and MAC Operating Systems
• Knowledge in Web application firewalls
• Knowledge, skill, and ability to understand and implement security policies for compliance standards such as PCI, CJIS, HIPAA, and NIST.
• Knowledge in cloud-based securityincluding policy, roles, network and systems administration and controls, virtual services and cloud controls.
• Knowledgewith Incident Management and the ability to assist in managing an active event
• Skill in oral and written communication.
• Skill in researching new technologies and evaluating new systems.
• Skill with coding languages
• Skill in architecting, installing and maintaining security infrastructure
• Skill in disaster recovery planning, preparedness and restoration
• Ability to follow a project management methodology
• Ability to stay up to date and apply current industry trends and best practices to the current environment.
• Ability to follow a change control program.
• Ability to work with Manager of Cybersecurity and Data to identify risk and provide recommendations for path forward and remediations for current technologies.

CITY OF SAVANNAH EMPLOYEE BENEFITS

Overview of Benefits

Paid Holiday

Paid Vacation

Paid Sick Leave

Defined Benefit Retirement Pension Plan

Protective Services Retirement Plan (select positions)

Deferred Compensation Retirement Plan

Retirement Seminars

PPO Medical Insurance

Dental Insurance

Vision Insurance

Flexible Spending Accounts

Wellness Programs

Health & Wellness Incentives

Long Term Disability

Excellence and Service Recognition

Employee Development and In-Service Training

Educational Assistance Program

Uniform Allowance (select positions)

Employee Assistance Program

Discounts and Memberships

Employee Relations

Direct Deposit

Credit Union

Pretax Parking Deductions

Employer Assisted Home Purchase Program

Domestic Partnership Benefits

Healthcare

PPO Medical Plus Plan

PPO Medical Basic Plan

Dental Plus Plan

Dental Basic Plan

Vision Service Plan

Life Insurance

Basic Life and ADD

Supplemental Life Employee

Supplemental Life Spouse

Supplemental Life Child

Benefits costs are paid by the City of Savannah, by the employee or shared by both the City and the employee.

01

Do you have a valid drivers license?

• Yes
• No

02

Do you have an Associate's degree in computer science, Information Systems or Business Administration; plus two years of increasingly responsible experience in Information Systems; or any equivalent combination of education, training, and experience to perform the job?

• Yes
• No

03

Supplemental Question 1 Describe your experience monitoring security events, alerts, or logs within a cybersecurity, network, or IT environment. Include any SIEM, EDR, vulnerability management, or security monitoring tools you have used and explain how you identified and responded to potential threats. (The name of the employer where this experience was obtained must be included in the WORK HISTORY section of the applicaiton?

04

Supplemental Question 2 Describe a cybersecurity incident, security event, or technical issue that you investigated. What was your role, what actions did you take to contain and mitigate the issue, and what lessons were learned? (The name of the employer where this experience was obtained must be listed in the WORK HISTORY section of the application).

05

Supplemental Question 4 This position supports compliance with cybersecurity frameworks and regulatory requirements such as NIST, CJIS, PCI-DSS, and HIPAA. Describe your experience with cybersecurity policies, compliance standards, risk assessments, vulnerability management, or security audits. Include your specific responsibilities and contributions. (The name of the employer where this experience was obtained must be listed in the WORK HISTORY section of the application).

06

Supplemental Question 5 Cybersecurity professionals must communicate technical information to both technical and non-technical audiences. Describe a situation where you explained a cybersecurity risk, vulnerability, or security recommendation to management, end users, or other stakeholders. How did you ensure your message was understood and what was the outcome? (The name of the employer where this experience was obtained must be listed in the WORK HISTORY section of the application).

Required Question

Employer City of Savannah

Address 6600 Abercorn Street

Suite 100

Savannah, Georgia, 31405

Phone 912-651-6484

Website http://www.savannahga.gov