Senior Cybersecurity Analyst

Wynn Resorts, Las Vegas, NV
About The Position

The Senior Cybersecurity Analyst is a key member of Wynn Resorts’ Information Security Operations team, responsible for advanced threat analysis, incident response, proactive threat hunting, and continuous improvement of security controls across Wynn’s global enterprise. This role provides expert technical leadership during security events, drives strategic enhancements to detection and response capabilities, and ensures the protection of sensitive systems and data. The analyst will collaborate with cross-functional teams and contribute to the development of a resilient, compliant, and security-aware organization.

Requirements

  • Bachelor’s degree in Information Security, Computer Science, or equivalent work experience.
  • 5–10 years of hands-on experience in SOC operations, incident response, threat analysis, digital forensics, or similar security functions.
  • Deep understanding of SIEM platforms, EDR/XDR tools, identity systems, email security, network and firewall logging, and cloud security concepts.
  • Strong familiarity with MITRE ATT&CK, cyber kill chain, and threat-actor TTPs.
  • Experience with risk management, vulnerability assessment, penetration testing, and compliance frameworks (NIST, ISO 27001, PCI DSS, HIPAA).
  • Proficiency in scripting and automation (Python, PowerShell).
  • Excellent written and verbal communication skills, including executive-ready reporting.
  • Strong analytical, problem-solving, and leadership skills.

Nice To Haves

  • Experience in hospitality, gaming, or 24/7 enterprise environments.
  • Certifications such as CISSP, CISM, Security+, CySA+, GCIA, GCIH, CEH, or similar.
  • Experience with threat intelligence platforms, YARA/Sigma detections, or automated SOAR workflows.
  • Familiarity with data classification, DLP controls, and data movement monitoring.
  • Understanding of forensic principles, memory/disk analysis, or malware behavior.

Responsibilities

  • Perform Level-3 triage and deep-dive investigations for advanced alerts across SIEM, EDR/XDR, email security, cloud security, network telemetry, IAM platforms, and application logs.
  • Lead incident intake, impact analysis, triage logic development, and event correlation across multiple data sources.
  • Validate, tune, and improve detection rules, thresholds, and correlation logic to minimize false positives and maximize visibility.
  • Identify root causes, attack paths, indicators of compromise (IOCs), and technique-level behaviors aligned to the MITRE ATT&CK framework.
  • Lead security incidents from detection through containment, eradication, and recovery.
  • Coordinate with IT, Network, Cloud, Database, Legal, Compliance, and leadership teams to drive timely remediation.
  • Produce executive-level incident summaries, detailed technical analysis reports, and lessons-learned documentation.
  • Participate in on-call escalation rotation for high-severity events.
  • Conduct proactive threat-hunting exercises across endpoints, identities, network flows, and cloud activity logs.
  • Develop hypotheses, test scenarios, evaluate anomalous behavior, and uncover unknown or sophisticated threats.
  • Advance behavioral detection by identifying emerging attacker techniques relevant to Wynn’s environment.
  • Partner with engineering teams to enhance SIEM/EDR configurations, detection content, dashboards, and automated response playbooks.
  • Design and implement enterprise-wide security controls and frameworks.
  • Support secure development practices and architecture reviews.
  • Validate the effectiveness of existing controls, including EDR configuration, firewall rules, IAM policies, and DLP systems.
  • Conduct risk assessments, vulnerability management, and penetration testing.
  • Ensure compliance with relevant frameworks (NIST, ISO 27001, PCI DSS, HIPAA) and regulatory requirements.
  • Develop and maintain SOC runbooks, IR playbooks, and security procedures.
  • Create metrics, KPIs, and after-action reports for continuous improvement.
  • Lead or support security awareness and training programs for staff.
  • Mentor junior SOC analysts and assist with onboarding, cross-training, and knowledge sharing.
  • Develop and maintain scripts and automation for security operations (Python, PowerShell, etc.).
  • Support the integration of security tools and automation workflows.
  • Support security projects, tool deployments, audits, and assessments.