|Published||September 20, 2023|
JOB TITLE: CYBER SECURITY ANALYST
REPORTS TO: SUPERVISOR/MANAGER/DIRECTOR
WAGE SCALE: SALARY/NON-EXEMPT
Role: Cybersecurity Analyst
Reports to: IT Supervisor
Based in: Savannah, Georgia
CITI TRENDS OVERVIEW:
Citi Trends is a high-growth, publicly held retail brand with a fleet of 600+ Stores across 33 States. We are the leading specialty value store for lower-income African American and Latinx Families with a rich history of catering to under-resourced communities on a path to grow to $1 Billion in sales. Our track record of delivering eight straight years of profitability coupled with no debt allows us to invest in people, systems, and infrastructure to scale our business. We carry a world-class assortment of branded and private branded merchandise across apparel, accessories, footwear, and home for the entire family that is showcased in an inviting store environment staffed by friendly associates. The Citi Trends experience works in rural, suburban, and urban communities with the potential to grow to 1,000 stores to serve our loyal and expanding customer base. We are actively building our team of diverse leaders in a culture filled with passion, collaboration, agility, and customer obsession and will continue to uphold our longstanding commitment to diversity and inclusion. Our purpose, “Live Bold. Live Proud. Respect All.” ignites the passion in our teams to set the bar high and amaze our customers each and every day.
The IS Cybersecurity & Compliance Analyst is critical to the organization's cybersecurity program. They will collaborate with other departments to ensure that the company's security systems, data, solutions, services, and applications are secure.
They will monitor the environment and they will examine and respond to all potential threats.
They will make recommendations to continuously improve the company's overall security posture, as well as aid in the selection and implementation of new security systems.
Additionally, they will be responsible for ensuring that the processes and procedures related to monitoring, measuring, and reporting on the company security posture are effectively executed.
ESSENTIAL DUTIES AND RESPONSIBILITIES:
- Monitoring and maintaining the company’s cybersecurity posture.
- Participate in the implementing of new security systems.
- Participate in updates to existing security systems.
- Participate in the creating, and ongoing maintenance, of disaster recovery plans.
- Partner with external services to assess security alerts & events.
- Partnering with internal and external resources to perform penetration testing.
- Partnering with internal and external resources to perform security assessments.
- Assessing administrative, physical, and technical security risks to data, software, and hardware.
- Conduct security training.
- Conduct phishing exercises.
- Assist in the SOX and PCI assessments.
- Basic understanding of Business Continuity and Incident Response Plans.
- Document / implement policies and procedures.
- Vendor audits.
- Provide after-hours support (7x24x365), as needed.
• All other duties and responsibilities as assigned.
To perform this job successfully, an individual must be able to perform each essential duty satisfactorily. The requirements listed below are representative of the knowledge, skill and/or ability required.
- Proficient with Microsoft Office Suite (Word, Outlook, Excel, Power Point)
- Must be a strong team player.
• Must be analytical.
• Strong attention to detail
• Must be inquisitive and demonstrate strong detective skills.
• Ability to multitask.
- Strong knowledge of network infrastructure.
- Strong knowledge of perimeter defense security.
- An understanding of PCI and SOX compliance.
- Some scripting proficiency, preferably PowerShell or VBS.
- Strong level of computer and server operating systems.
- Excellent communication skills (verbal, written, etc.).
- Excellent documentation skills.
- AS/400 knowledge is a plus.
EDUCATION and/or EXPERIENCE
- Bachelor’s, or Associate, Degree in Cybersecurity, Information Technology, Computer Science, or equivalent.
- Security+ or comparable certification is preferred.