Data Security & Governance Analyst

The City of Savannah is seeking a highly skilled and forward-thinking Data Security and Governance Analyst to serve as a key architect of the City’s data protection, compliance, and governance framework. This role is critical to safeguarding City data assets while enabling secure, compliant, and responsible use of emerging technologies.

The new Data Security and Governance Analyst will be a data security and management expert who will lead the implementation, configuration, and operational management of a governing solution such as Microsoft Purview, with a strong focus on establishing data access policies and safeguards to ensure secure and compliant use of AI-powered tools and other data archival technologies across the organization. This position will play a vital role in advancing the organizations cybersecurity efforts by implementing and managing policies, procedures and controls to protect data confidentiality, identity and availability and to ensure that security policies align with organizational goals to provide the ability for accurate data-driven decisions.

The ideal candidate will have deep expertise in Microsoft 365 compliance tools, data loss prevention (DLP), information protection, and role-based access control (RBAC). This role is critical to protecting City data as well as the vast digital City archives.

We offer great pay, excellent benefits to include medical, dental, and vision plans, life insurance,employee/spouse/child supplemental life insurance, short-term disability, tuition reimbursement,wellness programs, deferred compensation plan (457 B), pension plan, flexible spending account,home purchase assistance and 12 paid holidays!

Women, Minorities, and Veterans Are Encouraged to Apply

• Design and implement Microsoft Purview Information Protection policies to classify and label data (e.g., Public, Confidential, Restricted).
• Establish and maintain sensitivity labels, retention policies, and ata classification schemas for Copilot and broader M365 usage.
• Define Copilot guardrails, ensuring that AI-generated content does not expose unauthorized data.
• Monitor data access patterns and manage data access controls.
• Investigate anomalies using tools such as Purview Audit and Microsoft Defender for Cloud Apps.
• Implement Data Loss Prevention (DLP) policies to prevent oversharing of sensitive information internally and externally.
• Manage compliance portals, configure Microsoft Purview roles and permissions, and coordinate with security teams for ongoing audits.
• Provide documentation, training, and support to ensure department-wide adoption of best practices for AI governance.
• Stay current with Microsoft Purview roadmap and evolving features related to AI and data security.
• Identifies, assesses and mitigates risks relate to data security and governance and works with ITS Security Team to access and remediate potential data breaches and unauthorized access.
• Implement processes and controls to ensure data accuracy, completeness and consistency.
• Collaborates with stakeholders throughout the CoS to ensure effective data governance practices and enforcement
• Performs other related duties and responsibilities as required.
  
  

Bachelor’s degree from an accredited college or university and/or four (5) years of professional Data Security and Governance experience; or any equivalent combination of education, training and experience provides the requisite knowledge, skills and abilities.

• 3–5 years of experience administering Microsoft 365 compliance and security tools.
• Proven experience with Microsoft Purview, Information Protection, and Data Loss Prevention.
• Familiarity with Microsoft Copilot, its data architecture, and how it interfaces with M365 workloads.
• Strong understanding of data governance frameworks, zero-trust security, and least-privilege access models.
• Experience with NIST, CJIS, and HIPAA data compliance standards.
• Knowledge of relevant regulations and industry standards.
• Strong understanding of data security and governance principles and practices.
• Good interpersonal skills with department office staff.
• Work management skills related to managing fast-paced working environments
  
  

Preferred Qualifications

• Microsoft Certified: Information Protection and Compliance Administrator Associate (SC-400)
• Microsoft Certified: Cybersecurity Architect Expert
• Experience with technology projects
• Demonstrably high standards in a fast-paced work environment
• Able to work with an appropriate sense of urgency
• Understanding the concepts of the PMI model for project management
  
  

Work Location: 1000 Business Center Drive, Suite 120 Work Hours: 8 am - 5 pm, Monday - Friday

Background investigation, including supervised drug screen, post offer/pre-employment medical screen; and verification of education, certifications, and licenses required prior to employment

• Excellent verbal and written communication skills
• Consistently strive to demonstrate the IT Values within various City departments.
• Strong understanding of Cybersecurity and data management principles.