Senior Security Engineer

About The Position

Requirements

• 3-5 years of experience in information security with hands-on breadth across endpoint, network, cloud, and identity domains.
• Hands-on experience with enterprise endpoint detection and response platforms, including prevention policy tuning, automated response workflows, and live response capabilities.
• Experience with next-generation firewall platforms, including security policy management, application-aware controls, and remote access VPN.
• Experience with cloud-delivered Zero Trust network access and secure web gateway platforms, including policy architecture and data loss prevention.
• Experience with enterprise SIEM platforms, including detection rule development and alert triage at scale.
• Cloud identity and access management experience including conditional access policy design, MFA architecture, and hybrid identity environments.
• Familiarity with vulnerability management platforms, scan design, and SLA-based remediation tracking.
• Working knowledge of PCI DSS v4.0 requirements and AI adoption security risks, including agentic AI systems and shadow AI.
• Ability to automate procedural tasks using Python, PowerShell, or similar scripting languages.

Nice To Haves

• Experience with Microsoft 365 security, cloud identity platforms, and mobile device management for Windows and macOS fleets.
• Familiarity with advanced email threat protection platforms and bug bounty program operations.
• Experience with infrastructure as code and container security.
• Familiarity with gaming commission cybersecurity requirements or other regulated industry environments.
• Industry certifications such as CISSP, GCIH, GPEN, CCSP, or equivalent vendor-specific certifications.
• Background in hospitality, gaming, retail, or multi-location enterprise environments is a plus.

Responsibilities

• Implement and maintain security controls across endpoint, network, identity, cloud, and application security layers.
• Administer and tune next-generation firewall policies, Zero Trust network access controls, secure web gateway configurations, and DNS security.
• Serve as a hands-on security operations contributor: triage alerts, investigate incidents, and drive containment and remediation across the enterprise security tool stack.
• Support incident response activities across all IR phases and maintain response playbooks for threat scenarios relevant to hospitality, gaming, and entertainment verticals.
• Build and tune detection logic within the enterprise SIEM, develop automated response workflows, and perform threat hunting using endpoint, network, and identity telemetry.
• Support the vulnerability management program including scan coverage, asset tagging, and SLA-based remediation tracking.
• Implement cloud identity security controls including conditional access policy, MFA enforcement, and mobile device management for Windows and macOS environments.
• Support email security operations including authentication controls, advanced threat protection tuning, and BEC detection.
• Provide application security guidance and support the bug bounty and responsible disclosure program, including vulnerability triage and researcher communications.
• Evaluate AI-powered tools and agentic AI platforms from a security perspective, assess adoption risks, and contribute to internal AI use policies and guardrails.
• Support PCI DSS v4.0 compliance and NIST CSF 2.0 control mapping across a multi-environment organization.
• Collaborate with IT infrastructure, network engineering, and application teams to embed security into design and build processes.

Benefits

• Multiple benefit plans to suit your needs
• Paid Time Off
• 401K
• Opportunities for advancement
• Positive and respectful work environment where diversity is valued
• Generous employee discounts on dining, retail, amusements, and hotels
• Community volunteer opportunities