Specialist Analyst - Detection

JOB SUMMARY: 

The Specialist Analyst - Detection applies a proactive approach to incident detection and investigation with an eye on operational continuity and the continuous improvement of security measures, and reports credible incidents to leadership, and refers investigations to Specialist Analyst - Response.  Specialist Analysts are responsible for identifying and investigating possible security abnormalities to separate unusual-but-explainable operational situations from actual security incidents.  They will provide reports for any possible incidents, no matter if it is a false positive or an actionable incident.  Focusing on efficient and effective communications, SA-Detection are expected to minimize potential operational disruptions throughout the investigative and reporting process, while coordinating with the various individuals and departments involved.  Once potential incident enrichment has led to findings, SA-Detection will report those findings to both leadership and, as necessary, refer to SA-Response for containment, remediation and final closure.

 

KEY JOB FUNCTIONS:

• Monitor security alerts and events from various sources (e.g., SIEM, IDS/IPS, EDR)
• Quickly, but thoroughly, analyze and investigate potential security incidents to determine their credibility, impact and severity
• Respond to security incidents by following established incident response procedures
• Perform in-depth analysis of security events to identify root causes and current state
• Collaborate and coordinate with cross-functional teams to improve security posture and prevent future incidents
• Aid in development of incident response playbooks and procedures
• Provide detailed incident reports
• Stay up to date with the latest security threats, vulnerabilities, and industry best practices
• Participate in security assessments and audits to identify potential risks and recommend mitigation strategies
• Provide training and foster peers on security awareness and incident response protocols
• Participate in post-incident reviews and contribute to final incident reports
• Create custom queries, searches, data models, creating correlated alerts, and dashboards on-demand as needed
• Foster a collaborative relationship with the Cybersecurity Threat Intelligence team to integrate threat intelligence information into detection and enrichment initiatives

 

EDUCATION and/or EXPERIENCE and QUALIFICATIONS: 

• Bachelor’s or Master’s degree in computer science, Information Security, or a related field
• 8+ years of increasing responsibility in a SOC role
• Relevant certifications (e.g., CISSP, CISM, CEH, CISA, GSEC, GIAC) are a plus.
• Advanced understanding of network protocols and security technologies (Firewalls, IDS/IPS)
• Advanced experience with security Monitoring tools and techniques
• In-depth knowledge of compliance frameworks (NIST, ISO 27001)
• Experience with Cloud security and DevSecOps practices
• Intermediate understanding of Cryptography, authentication, and access control as well as general & specific malware and malware behavior
• Experience in custom queries, searches, data models, creating correlated alerts, and dashboards
• Basic programming skills (Python, Java, etc.) for developing security solutions
• Strong analytical and problem-solving skills
• Strong communication and interpersonal skills with a focus on limiting the dissemination of speculation
• Proven experience facilitating critical incident investigation with a diverse team of responders

 

PHYSICAL WORK ENVIRONMENT AND REQUIREMENTS:

Availability – 24/7 On Call

Travel – 10%

At Caesars Entertainment, Inc., our Team Members create the extraordinary. We are the largest casino-entertainment company in the U.S. and one of the world's most diversified casino-entertainment providers. Since beginning in Reno, Nevada, in 1937, Caesars Entertainment has grown through the development of new resorts, expansions and acquisitions. Our resorts operate primarily under the Caesars®, Harrah's®, Horseshoe® and Eldorado® brand names. We focus on building loyalty and value with our guests through a combination of impeccable service, operational excellence and technological leadership. The company is committed to its Team Members, suppliers, communities and the environment through its PEOPLE PLANET PLAY framework.  

Our Caesars family is driven by our Mission, Vision and Values. We take great pride in living these values – Together We Win, All In On Service and Blaze the Trail – every day. Our mission, “Create the Extraordinary”. Our vision, “Create spectacular worlds. That immerse, inspire and connect you. We don’t perform magic; we create it with excellence. #WeAreCaesars”.  If you are ready to create some magic, we invite you to explore our dynamic, yet unique, career opportunities.