The Information Security Engineer is responsible for developing, monitoring, evaluating and maintaining systems and procedures to protect host and network systems from unauthorized access. This team member will create, implement, and evaluate security standards, guidelines, and procedures relating to firewalls, intrusion prevention, vulnerability scanning, host operating systems, and network devices; as well as identify new areas of risk within the IT infrastructure. Additionally, this team member will also be responsible for determining areas of weakness in network security architecture and implementing/ensuring adherence of current security programs and policies.
ESSENTIAL DUTIES & RESPONSIBILITIES
- Designs, installs, and supports security technologies such as VPN, firewalls, DMZs, security architecture, IDS, and encryption.
- Reviews proposals to significantly enhance or modify the configuration or functionality of intranets, firewalls, and servers.
- Designs and monitors security for routers, switches, operating systems, key gaming applications and other technologies.
- Monitoring includes performing analysis of system logs to identify unauthorized use or access.
- Participates in emergency response team activities for responding to various security incidents.
- Provides in-depth support for information security incidents including internal violations, hacker attacks, virus, and system outages.
- Reviews the existing information security procedures and systems, and makes suggestions for the improvement of these procedures and systems.
- Prepares and periodically updates information security policies, architectures, standards, and/or other technical requirement documents.
- Acts as a technical resource to users, department management, and others with in the company who are seeking more information about information security.
- Provides special technical guidance to the Information Technology Department staff about the risks and control measures associated with new and emerging information systems technologies.
- Participates in, and acts as a security expert in periodic information systems risk assessments.
- Develops detailed proposals and plans for new information security systems that would enhance or enable new capabilities for network or host systems.
- Recommends and evaluates security tools to identify more efficient and effective security measures. This includes research and initiation of new projects that will allow greater standardization, centralization, and more effective management of information security measures.
KNOWLEDGE, SKILLS & ABILITIES
- 5 to 7 years in networking or IT Security with a large corporation.
- Bachelor's degree in Information Technology (or related field) or equivalent experience is required.
- Technical Certification (CISSP, MCSE, CCNA, GIAC) is preferred, combined with hands on experience supporting security requirements of a large, global enterprise environment.
- Cisco certifications or experience a plus.
REQUIRED SECURITY TECHNICAL PROFICIENCIES
- SIEM tools
- Security assessment tools
- Monitoring/Analysis software
- Documentation (Visio, Word, Excel, etc.)
- Compliancy (PCI, HIPAA, SOX)
- Ability to secure licenses with various state gaming commissions
- Preferred security technical proficiencies
- Scripting/Coding (PowerShell, Python, etc.)
- Cisco routers and switches
- Virtualization (VMware, etc.)