IT Systems Security Engineer

About The Position

Requirements

• College diploma or university degree and/or completing college diploma in the field of computer science, information technology, systems engineering, or a cybersecurity-specific program and/or a minimum of 6 years equivalent work experience.
• Deep understanding and knowledge of computer networks, operating systems, and security protocols and secure coding practices.
• Proficient in a range of technology systems including network security devices (firewalls, intrusion detection/prevention systems), operating systems (Windows, Linux, MacOS), vulnerability scanners, endpoint security solutions, encryption technologies, identity and access management systems, Security Information and Event Management (SIEM) tools, and cloud security platforms.
• Proven experience working with security protocols and encryption techniques.
• Experience working with a range of security standards: ISO 27001, NIST SP 800-53, PCI DSS, HIPAA, GDPR, CIS Controls, and industry-specific standards relevant to the gaming industry.
• Ability to conduct research into IT security issues and products as required.
• Must be at least 21 years of age.

Nice To Haves

• Industry certifications like CCNA, CISSP, CISA, or CompTIA Security+ are preferred.
• Tribal casino gaming & hospitality experience preferred.

Responsibilities

• Participate in the planning and design of enterprise security architecture, in collaboration with network engineering.
• Participate in the creation of enterprise security documents (policies, standards, baselines, guidelines, and procedures) under the direction of the IT Operations Manager, where appropriate the VP of IT.
• Participate in the planning and design of an enterprise business continuity plan and disaster recovery plan, under the direction of IT Operations Manager and IT Vice President, where appropriate.
• Collaborate with IT Techopps, Busdevops and the Network team to ensure smooth and reliable operation of software and systems for fulfilling business objectives and processes.
• Work with executive team members, decision makers, and stakeholders to resolve business systems issues.
• Maintain up-to-date detailed knowledge of the IT Security industry including awareness of new or revised security solutions, improved security processes, and the development of new attacks and threat vectors.
• Recommend additional security solutions or enhancements to existing security solutions to improve overall enterprise security.
• Perform the deployment, integration, and initial configuration of all new security solutions and of any enhancements to existing security solutions in accordance with standard best operating procedures generically and the enterprise’s security documents specifically.
• Gauge and monitor the effectiveness and efficiency of existing systems against threats; develop and implement strategies for improving or further leveraging system tools.
• Perform server and security audits, contribute to system backup procedures, and other recovery processes in accordance with the disaster recovery and business continuity strategies.
• Maintain up-to-date baselines for the secure configuration and operations of devices.
• Monitor security solutions for efficient and appropriate operations.
• Review security tool alerts, logs and reports.
• Interpret the implications of suspicious activity and devise plans for appropriate mitigation and/or resolution.
• Participate in investigations into suspicious or problematic cyber activity.
• Participate in the remediation of penetration vulnerability assessments and security audits.
• Participate in on-call support related to security issues.