Access Control, Analysis Skills, Auditing, Change Management, Computer Networks, Computer Security, Cryptography, Detail Oriented, Disaster Recovery, Documentation, External Audit, Incident Response, Information Technology & Information Systems, Information Technology/Systems Audit, Information/Data Security (InfoSec), Internal Audit, Internet Security, Loss Mitigation, Loss Prevention, Maintain Compliance, Operational Support, PCI, PCI-DSS, Regulatory Compliance, Risk Analysis, Risk Management, Root Cause Analysis, Sarbanes-Oxley Act (SOX), Security Analysis, Support Documentation, Systems Analysis, Testing
Citi Trends is seeking a detail-oriented and technically skilled IT Cybersecurity & Compliance Analyst to support the organization's cybersecurity, compliance, and risk management initiatives. This role is responsible for executing and supporting security programs that protect the confidentiality, integrity, and availability of enterprise systems, data, and networks. The ideal candidate combines technical cybersecurity knowledge with an understanding of regulatory compliance frameworks and audit processes.
Essential Duties and Responsibilities
- Assist with SOX and PCI DSS audit activities, including evidence collection, testing support, and remediation follow-up.
- Partner with internal and external auditors, IT teams, and business stakeholders to address findings, support vulnerability remediation efforts, and enhance the organization's overall security posture.
- Support change management processes, including impact reviews, risk assessments, approval recommendations, implementation oversight, and documentation for production changes.
- Help maintain policies, controls, procedures, and supporting documentation to ensure audit readiness and compliance with regulatory and corporate security standards.
- Contribute to security awareness initiatives, vendor compliance reviews, and consumer consent and request management processes.
- Support the implementation and maintenance of security tools, controls, monitoring solutions, and ongoing security assessments for systems and services.
- Participate in incident response activities, including investigation, containment, remediation, root cause analysis, and documentation.
- Contribute to disaster recovery planning, testing, and documentation to support operational resilience and recovery readiness.
- Monitor, analyze, and respond to security alerts, vulnerabilities, and potential threats across the enterprise environment.
- Support data protection initiatives, including data classification, access controls, encryption, data loss prevention, and mitigation of data-related risks.
- Provide after-hours support as needed.
- Perform other duties as assigned.
Education and Experience
Required Qualifications
- Associate's degree in Cybersecurity, Information Technology, or a related field, or an equivalent combination of education and experience.
- Familiarity with cybersecurity tools and monitoring platforms.
Preferred Qualifications
- Relevant cybersecurity certifications.
- Knowledge of SOX and PCI compliance frameworks.
- Experience supporting cybersecurity, compliance, audit, and risk management activities.
General Information
The above statements are intended to describe the general nature and level of work being performed by individuals assigned to this position. They are not intended to be an exhaustive list of all duties, responsibilities, and skills required of personnel so classified. Equal employment opportunities are provided to all employees and applicants for employment. Discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws. is prohibited.