Salary : $72,718.00 Annually
Location : 1000 Business Center Drive, Suite 120, GA
Job Type: Full-Time Permanent
Job Number: 2603272
Department: Innovation + Technology Services
Opening Date: 06/23/2026
Closing Date: 7/19/2026 11:59 PM Eastern
Purpose
Why This Opportunity is Unique
The City of Savannah is seeking an experienced
Cybersecurity Analyst to join our Innovation & Technology Services Department to help strengthen and mature the City's cybersecurity program. This is an exciting opportunity for a cybersecurity professional who wants to move beyond routine security monitoring and become an integral part of a growing security program that protects critical public services, municipal operations, sensitive data, and essential technology infrastructure.
Reporting directly to the
Manager of Cybersecurity and Data, the Cybersecurity Analyst will work closely with the Cybersecurity Engineer and technology teams within Innovation & Technology Services to enhance the City's cybersecurity posture, support regulatory compliance initiatives, and defend against an evolving threat landscape.
The new Cybersecurity Analyst will provide guidance for cybersecurity compliance and data protection concerning the City's digital assets. Your primary responsibilities include monitoring, detecting, and responding to potential security incidents, as well as analyzing SIEM events for suspicious activities and potential incidents. As the Cybersecurity Analyst, you will assist senior-level IT Security staff in incident response detection and escalation. Additionally, the Cybersecurity Analyst will contribute to the threat detection and prevention program by maintaining and analyzing repositories, validating threat information, and aiding in appropriate actions. The Cybersecurity Analyst role involves assisting in the management and tunning of tools and resources used by the Cybersecurity team for countermeasures against cyber incidents. The Cybersecurity Analyst will ensure adherence to the security frameworks, NIST 800-171, and all regulatory requirements required of the city.
Why Join the City of Savannah?
Cybersecurity is essential to protecting the systems and services that residents, businesses, and employees rely upon every day. As a Cybersecurity Analyst, you'll help defend critical public infrastructure, strengthen the City's cybersecurity posture, and contribute to meaningful work that impacts the entire community.
Join a forward-thinking technology team where your expertise will help secure the future of local government services while providing opportunities for professional growth, collaboration, and innovation.
We offer great pay, excellent benefits to include medical, dental, and vision plans, life insurance,employee/spouse/childsupplemental life insurance, short-term disability, tuition reimbursement,wellness programs, deferred compensationplan (457 B), pension plan, flexible spending account,home purchase assistance and 12 paid holidays!
Women, Minorities, and Veterans Are Encouraged to Apply
Essential Job Functions
- Monitor and Analyze IT resources using security tools such as SIEM to find and mitigate incidents.
- Analyze suspicious activities and finding their source.
- Part of Response Team when potential security incidents are detected.
- Acts as a first responder to security incidents by investigating, containing and mitigating threats in real time, while also escalating to lead team members as needed.
- Use tools and resources for threat hunting and put proactive measures in place.
- Aid in managing and maintaining a robust vulnerability management program for the organization's assets.
- Assist senior team members with tuning, managing and engineering resources necessary to perform counter measures to manage incidents effectively.
- Performs Intrusion Detection and Prevention by proactively searching for threats
- Log Analysis
- Aids in the protection of Data Security through access management, transmission controls, CIA Triad.
- Assists with enforcing the Cybersecurity Program Plan and its initiatives.
Minimum Qualifications
- Associate's degree in computer science, Information Systems or Business Administration; plus two years of increasingly responsible experience in Information Systems; or any equivalent combination of education, training, and experience.
- Excellent communications (verbal and written), organizational, and problem-solving skills.
- Solid understanding of the organization's goals and objectives.
- CompTIA Security+ Certification, GSEC, CISSP
PREFERRED QUALIFICATIONS:
- Proven analytical and problem-solving abilities.
- Ability to present ideas in a business-friendly and user-friendly language.
- Highly self-motivated and directed.
- Capable of meeting standards in at-paced work environment, able to identify a sense of urgency while still staying calm and professional.
Work Location: 1000 Business Center Dr, Suite 120 Work Hours: 8 am - 5 pm, Monday - Friday
Additional Requirements:
Background investigation, including supervised drug screen, post offer/pre-employment medical screen; and verification of education, certifications, and licenses required prior to employment
Additional Information
- Knowledge of information technology standards, trends, management, and security principles.
- Knowledge in network security related to operating systems, networks and databases both on premise and hosted/cloud based
- Knowledge of Linux, Windows, and MAC Operating Systems
- Knowledge in Web application firewalls
- Knowledge, skill, and ability to understand and implement security policies for compliance standards such as PCI, CJIS, HIPAA, and NIST.
- Knowledge in cloud-based securityincluding policy, roles, network and systems administration and controls, virtual services and cloud controls.
- Knowledgewith Incident Management and the ability to assist in managing an active event
- Skill in oral and written communication.
- Skill in researching new technologies and evaluating new systems.
- Skill with coding languages
- Skill in architecting, installing and maintaining security infrastructure
- Skill in disaster recovery planning, preparedness and restoration
- Ability to follow a project management methodology
- Ability to stay up to date and apply current industry trends and best practices to the current environment.
- Ability to follow a change control program.
- Ability to work with Manager of Cybersecurity and Data to identify risk and provide recommendations for path forward and remediations for current technologies.
CITY OF SAVANNAH EMPLOYEE BENEFITS
Overview of Benefits
Paid Holiday
Paid Vacation
Paid Sick Leave
Defined Benefit Retirement Pension Plan
Protective Services Retirement Plan (select positions)
Deferred Compensation Retirement Plan
Retirement Seminars
PPO Medical Insurance
Dental Insurance
Vision Insurance
Flexible Spending Accounts
Wellness Programs
Health & Wellness Incentives
Long Term Disability
Excellence and Service Recognition
Employee Development and In-Service Training
Educational Assistance Program
Uniform Allowance (select positions)
Employee Assistance Program
Discounts and Memberships
Employee Relations
Direct Deposit
Credit Union
Pretax Parking Deductions
Employer Assisted Home Purchase Program
Domestic Partnership Benefits
Healthcare
PPO Medical Plus Plan
PPO Medical Basic Plan
Dental Plus Plan
Dental Basic Plan
Vision Service Plan
Life Insurance
Basic Life and ADD
Supplemental Life Employee
Supplemental Life Spouse
Supplemental Life Child
Benefits costs are paid by the City of Savannah, by the employee or shared by both the City and the employee.
01
Do you have a valid driver's license?
02
Do you have an Associate's degree in computer science, Information Systems or Business Administration; plus two years of increasingly responsible experience in Information Systems; or any equivalent combination of education, training, and experience to perform the job?
03
Supplemental Question 1Describe your experience monitoring security events, alerts, or logs within a cybersecurity, network, or IT environment. Include any SIEM, EDR, vulnerability management, or security monitoring tools you have used and explain how you identified and responded to potential threats. (The name of the employer where this experience was obtained must be included in the WORK HISTORY section of the applicaiton?
04
Supplemental Question 2Describe a cybersecurity incident, security event, or technical issue that you investigated. What was your role, what actions did you take to contain and mitigate the issue, and what lessons were learned? (The name of the employer where this experience was obtained must be listed in the WORK HISTORY section of the application).
05
Supplemental Question 4This position supports compliance with cybersecurity frameworks and regulatory requirements such as NIST, CJIS, PCI-DSS, and HIPAA.Describe your experience with cybersecurity policies, compliance standards, risk assessments, vulnerability management, or security audits. Include your specific responsibilities and contributions. (The name of the employer where this experience was obtained must be listed in the WORK HISTORY section of the application).
06
Supplemental Question 5Cybersecurity professionals must communicate technical information to both technical and non-technical audiences.Describe a situation where you explained a cybersecurity risk, vulnerability, or security recommendation to management, end users, or other stakeholders. How did you ensure your message was understood and what was the outcome? (The name of the employer where this experience was obtained must be listed in the WORK HISTORY section of the application).
Required Question