Seminole Hard Rock Support Services provides Information Technology Services for Seminole Gaming and Hard Rock International and their subsidiaries and/or franchisees.
The Information Security Analyst II is responsible for reducing risk to the company’s systems, networks, corporate and customer data by evaluating, monitoring, and enforcing information security controls. This position will involve monitoring of security applications and alerts, cybersecurity incident response, threat validation and reporting, incident and threat coordination and communication, participation in the development of cyber analysis activities.
The primary duties and responsibilities of the application security analyst follow:
- Serve as a first line of defense by managing security alerts/issues; analyzing log files, network traffic and IDS/IPS alerts to assess, prioritize and differentiate security events between potential security threats and false alarms.
- Provide SIEM monitoring, log analysis and incident response to information security alerts.
- Maintain and operate SIEM/log analysis solution, including data collection, aggregations, and regular exception reporting.
- Monitor, review and analyze alerts and logs from Firewalls (FW), Intrusion Detection Systems (IDS), Intrusion Prevention System (IPS), Endpoint Solution (AV, EDR), audit trails, system logs and other monitoring data sources and ensure they are in compliance with policies and audit requirements.
- Perform highly complex analysis and technical tasks involving event detection and rapid response across various environments of the enterprise.
- Analyze and/or initiate appropriate escalation of security threats found internally or via managed security service providers to mitigate potential threats and vulnerabilities.
- Participate in the management of some third party service provider.
- Be part of the incident response team, as such launch and track security incident investigations to resolution.
- Advise in the steps to take to investigate and resolve cyber security incidents.
- Monitor and distribute security notifications in adherence with the established notification/security information sharing protocols.
- Assist with formulation and distribution of Information Security Metrics and Event Reports.
- Perform other security team relevant duties and responsibilities as assigned.
- Bachelor’s degree preferred in Computer Sciences, Information Technology, Information Security or other related field.
- Five (5) years of related work experience, which includes two (2) years of practical experience in security operation and incident response.
- At least one industry standard certification such as Security+, or other such as Certified Information Systems Security Professional (CISSP), GIAC Security Essentials (GSEC), etc.
- Experience analyzing and handling security incidents and leading response.
- Experience with various operating systems, networking, and cloud solutions (Azure & AWS).
- Hands on experience with security systems, including firewalls, intrusion detection/prevention systems, endpoint security, log management, content filtering, etc.
- Experience with log aggregation, event correlation, and enterprise security analysis tools.
- Experience with threat analysis and response management including, but not limited to, direct command of incidents, prioritization of findings, evidence collection, developing remediation strategies, and measuring those strategies.
- Experience with vulnerability assessment and penetration testing.
- Experience in directing and developing solutions to improve efficiencies with emphasis on enabling other groups while maintaining security.
- Experience directing and developing solutions to automate data feeds, synchronization processes, and other repetitive maintenance activities.
- Experience automating security systems to increase productivity, ensure availability, and improve integrity of data.
- Experience using systems and data to build business cases and provide actionable plans to enhance security posture.
- Experience in configuration of Information Security monitoring systems to provide logging, monitoring, and actionable alerting such as SIEM; IDS/IPS; Database Activity Monitoring; and Vulnerability Scanners
- Team player able to work effectively at all levels of an organization with the ability to influence others to move toward consensus.
- Clear ability to build strong relationships and establish trust with stakeholders at all levels.
- Excellent verbal and written communications skills.
- Strong leadership skills with demonstrated ability to prioritize and execute in a methodical and disciplined manner.
- Ability to solve complex problems in a timely manner by working with multiple stakeholders.
- Ability to manage multiple tasks and work streams effectively.
- Ability to follow detailed procedures and processes with a high degree of accuracy.
- Customer-focused mindset, with demonstrated skill in managing expectations, providing proactive status updates, and producing high-quality work product.
- Experience managing project through the full system development lifecycle.
- Multiple language abilities preferred – fluency in English (written and spoken) required.
- Flexibility to travel as required, up to 15% overnight travel.