Under the direction of the Chief Information Security Officer, the Information Security Analyst role is to strategically oversee all enterprise information security issues; including but not limited to – data security, system security, and network security. The Security Analyst must have an extensive working knowledge of the current state of all our IT systems and must work closely with the Information Technology Department to insure proper security rules and procedures are in place for all current and future IT systems.
The Security Analyst will champion a security mindset to all Tribal and Casino personnel and must also understand the value of standards, policy and procedures, operational effectiveness and high availability. This individual will provide consultation and approval of all systems and software plans, as well as evaluate and select all technologies required to complete those plans. In addition, the Security Analyst will provide technical leadership across the organization, from strategic decision, operational issues and business continuity from a security perspective.
Essential Duties & Responsibilities
- Design and implement long-term strategic goals and short-term tactical plans for managing and maintaining corporate systems, data and network.
- Assist in auditing computer systems to ensure they are operating securely and that data is protected from both internal and external attacks. Will perform security scans using vendor utility tools.
- Design audits of computer systems to ensure they are operating securely and that data is protected from both internal and external attack. Make recommendations for preventive measures as necessary.
- Ensure that proposed and existing systems architectures are aligned with required security goals and objectives.
- Provide security expertise, technical leadership, and assistance to Business Analysts, Network Technicians, Systems Architects, and software development teams.
- Maintain a solid understanding of Tribal Gaming requirements, industry gaming requirements and MICS concerning security issues.
- Document the company’s existing security systems portfolio; make recommendations for improvements and/or alternatives.
- Develop, document, and communicate plans for investing in tribal system security, including analysis of cost reduction opportunities.
- Conduct research on emerging security technologies in support of systems development efforts, and recommend technologies that will increase cost effectiveness and systems flexibility in a holistically secure environment.
- Review new and existing systems design projects and procurement or outsourcing plans for compliance with standards and architectural plans.
- Develop, document, communicate, and enforce a policy for standardizing systems and software as necessary.
- Lead investigations of security violations and breaches and recommends solutions; prepares reports on intrusions as necessary and provides analysis summary to management.
- Support the integration with the Tribe’s Managed Security Services Provider (MSSP) services, and distributed cyber security toolsets. This may including leveraging existing technologies within the organization, programming, scripting, or other software and system integration work.
- Provide cradle-to-grave lifecycle management of cyber security toolsets consumed by peer functions within the Information Security program. This includes designing, planning, acquisition, inventory, process documentation, deployment, administration, maintenance, configuration change management, monitoring, troubleshooting, capacity estimation, status and service metrics reporting, decommission and other service assurance activities.
- Provide incident response support as toolset-specific Subject Matter Expert for security events including but not limited to intrusion detection, malware infections, denial of service attacks, privileged account misuse and network breaches.
- Collaborate with IT management.
Security Analyst has no direct supervisory responsibilities, but rather applies his/her leadership and expertise to supervise the coordination of IT activities, both new IT projects and major IT renovations, and current operations. Responsibilities include interviewing, managing workflow and training employees; planning, assigning, and directing work pertaining to IT activities driven by security decision points.
- Bachelor’s Degree in Information Technology preferred; 10 years related experience and/or equivalent combination of education and experience.
- Seven or more years of experience in computer science, management information systems, or data security experience.
- System, Network and Data Security Certifications are desired.
- CISSP certification preferred.
- Experience with SIEM Technologies, Log Harvesting/routing/management Tools, Security Analytics Platforms, Network Recording and Forensic Offerings. Additional Cyber Security Toolsets, Including Fraud Monitoring, Data Leakage Prevention, And Privileged Access Monitoring a Plus.
- Knowledge of the San Manuel Indian Bingo and Casino Policies and Procedures, or a similar tribal/gaming environment, is highly desired.
- Experience working with information security practices, networks, software, and hardware.
- Experience working with computer programming.
- Strong communications and presentation skills.
- At the discretion of the San Manuel Tribal Gaming Commission you may be required to obtain and maintain a gaming license.
- Must be able to undergo and successfully pass pre-employment drug test, live scan fingerprinting, background investigation (criminal and civil) and credit check.
- A qualified candidate/employee must have a valid driver’s license with an acceptable driving record as determined by the company’s insurance carrier.
San Manuel Band of Mission Indians and San Manuel Casino will make reasonable accommodations in compliance with the Americans with Disabilities Act of 1990.