IT Senior Cybersecurity & Compliance AnalystCiti Trends is Seeking an IT Senior Cybersecurity & Compliance AnalystCiti Trends is seeking an experienced and highly skilled
IT Senior Cybersecurity & Compliance Analyst to support and advance the organization's cybersecurity, compliance, and risk management initiatives. This senior-level role combines technical cybersecurity expertise, regulatory compliance knowledge, and operational leadership to help protect the confidentiality, integrity, and availability of enterprise systems, data, and networks. The ideal candidate will serve as a subject matter expert, partnering across the business to strengthen security controls, maintain compliance, and drive continuous improvement of the organization's security posture.
Essential Duties and Responsibilities- Execute SOX and PCI DSS control activities, including evidence collection, testing support, audit coordination, and remediation follow-up.
- Partner with internal and external auditors, IT teams, and business stakeholders to address findings, support vulnerability remediation efforts, and strengthen the organization's overall security posture.
- Lead change management processes, including impact reviews, risk assessments, approval recommendations, implementation oversight, and documentation for production changes.
- Maintain policies, controls, procedures, and supporting documentation to ensure audit readiness and compliance with regulatory and corporate security standards.
- Contribute to security awareness initiatives, vendor compliance reviews, and consumer consent and request management processes.
- Implement and maintain security tools, controls, monitoring solutions, and ongoing security assessments for systems and services.
- Support incident response activities, including investigation, containment, remediation, root cause analysis, and documentation.
- Lead disaster recovery planning, testing, and documentation to support operational resilience and recovery readiness.
- Monitor, analyze, and respond to security alerts, vulnerabilities, and potential threats across the enterprise environment.
- Support data protection initiatives, including data classification, access controls, encryption, data loss prevention, and mitigation of data-related risks.
- Serve as an escalation point and subject matter expert for cybersecurity and compliance matters.
- Provide after-hours support as needed.
- Perform other duties as assigned.
Education and ExperienceRequired Qualifications- Bachelor's degree in Information Technology, Cybersecurity, Computer Science, or a related field; an equivalent combination of education and experience will be considered.
- 4-7+ years of experience in cybersecurity, compliance, information security, or a related technical field.
- Experience working with cybersecurity tools, monitoring platforms, and security technologies.
- Advanced knowledge of SOX and PCI compliance frameworks.
- Solid understanding of networking, server and directory administration, endpoint management, and infrastructure security.
- Experience with patch management processes, vulnerability remediation, and security best practices.
- Basic scripting proficiency, preferably in PowerShell or VBScript.
- Excellent verbal and written communication skills.
- Strong technical documentation and reporting skills.
Preferred Qualifications- Relevant cybersecurity certifications such as Security+, CISSP, CISM, CISA, or comparable credentials.
- Experience supporting regulatory audits and compliance programs in a retail or enterprise environment.
- Experience with incident response, disaster recovery planning, and business continuity initiatives.
- Knowledge of data protection frameworks, access management, encryption, and data loss prevention technologies.
General Information
The above statements are intended to describe the general nature and level of work being performed by individuals assigned to this position. They are not intended to be an exhaustive list of all duties, responsibilities, and skills required of personnel so classified.