Sr. Cybersecurity & Compliance Analyst

Citi Trends, Inc.

Savannah, GA

JOB DETAILS
SKILLS
Access Control, Analysis Skills, Best Practices, Business Continuity Planning (BCP), CISA - Certified Information Systems Auditor, CISM - Certified Information Security Manager, CISSP - Certified Information Systems Security Professional, Change Management, Communication Skills, CompTIA Security+, Computer Networks, Computer Science, Computer Security, Continuous Improvement, Cryptography, Disaster Recovery, Documentation, External Audit, Incident Response, Information Technology & Information Systems, Information Technology/Systems Audit, Information/Data Security (InfoSec), Internal Audit, Internet Security, Leadership, Loss Mitigation, Loss Prevention, Maintain Compliance, Microsoft VBScript (Visual Basic Script) Scripting Language, Operational Support, Organizational Development/Management, PCI, PCI-DSS, Presentation/Verbal Skills, Process Improvement, Regulatory Compliance, Reporting Skills, Retail, Risk Analysis, Risk Management, Root Cause Analysis, Sarbanes-Oxley Act (SOX), Scripting (Scripting Languages), Security Analysis, Security Monitoring, Software Patches, Support Documentation, Systems Administration/Management, Systems Analysis, Technical Writing, Testing, Windows PowerShell, Writing Skills
LOCATION
Savannah, GA
POSTED
4 days ago

IT Senior Cybersecurity & Compliance Analyst

Citi Trends is Seeking an IT Senior Cybersecurity & Compliance Analyst

Citi Trends is seeking an experienced and highly skilled IT Senior Cybersecurity & Compliance Analyst to support and advance the organization's cybersecurity, compliance, and risk management initiatives. This senior-level role combines technical cybersecurity expertise, regulatory compliance knowledge, and operational leadership to help protect the confidentiality, integrity, and availability of enterprise systems, data, and networks. The ideal candidate will serve as a subject matter expert, partnering across the business to strengthen security controls, maintain compliance, and drive continuous improvement of the organization's security posture.

Essential Duties and Responsibilities

  • Execute SOX and PCI DSS control activities, including evidence collection, testing support, audit coordination, and remediation follow-up.
  • Partner with internal and external auditors, IT teams, and business stakeholders to address findings, support vulnerability remediation efforts, and strengthen the organization's overall security posture.
  • Lead change management processes, including impact reviews, risk assessments, approval recommendations, implementation oversight, and documentation for production changes.
  • Maintain policies, controls, procedures, and supporting documentation to ensure audit readiness and compliance with regulatory and corporate security standards.
  • Contribute to security awareness initiatives, vendor compliance reviews, and consumer consent and request management processes.
  • Implement and maintain security tools, controls, monitoring solutions, and ongoing security assessments for systems and services.
  • Support incident response activities, including investigation, containment, remediation, root cause analysis, and documentation.
  • Lead disaster recovery planning, testing, and documentation to support operational resilience and recovery readiness.
  • Monitor, analyze, and respond to security alerts, vulnerabilities, and potential threats across the enterprise environment.
  • Support data protection initiatives, including data classification, access controls, encryption, data loss prevention, and mitigation of data-related risks.
  • Serve as an escalation point and subject matter expert for cybersecurity and compliance matters.
  • Provide after-hours support as needed.
  • Perform other duties as assigned.

Education and Experience

Required Qualifications

  • Bachelor's degree in Information Technology, Cybersecurity, Computer Science, or a related field; an equivalent combination of education and experience will be considered.
  • 4-7+ years of experience in cybersecurity, compliance, information security, or a related technical field.
  • Experience working with cybersecurity tools, monitoring platforms, and security technologies.
  • Advanced knowledge of SOX and PCI compliance frameworks.
  • Solid understanding of networking, server and directory administration, endpoint management, and infrastructure security.
  • Experience with patch management processes, vulnerability remediation, and security best practices.
  • Basic scripting proficiency, preferably in PowerShell or VBScript.
  • Excellent verbal and written communication skills.
  • Strong technical documentation and reporting skills.

Preferred Qualifications

  • Relevant cybersecurity certifications such as Security+, CISSP, CISM, CISA, or comparable credentials.
  • Experience supporting regulatory audits and compliance programs in a retail or enterprise environment.
  • Experience with incident response, disaster recovery planning, and business continuity initiatives.
  • Knowledge of data protection frameworks, access management, encryption, and data loss prevention technologies.

General Information

The above statements are intended to describe the general nature and level of work being performed by individuals assigned to this position. They are not intended to be an exhaustive list of all duties, responsibilities, and skills required of personnel so classified. Equal employment opportunities are provided to all employees and applicants for employment. Discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws. is prohibited.

About the Company

C

Citi Trends, Inc.