Specialist Analyst - Response

JOB SUMMARY: 

The Specialist Analyst - Response works to resolve credible incidents while ensuring Leadership is kept aware of possible issues.  While working closely with the Specialist Analyst - Detection, SA-Response acts with a heightened focus on operational continuity and the continuous improvement of security measures during and after incident resolution.  Efficiently and effectively communicating with various individuals and departments is a requirement as any SA-Response performs the necessary steps to determine an incident's possible impact, persistence, and severity.  If an incident escalates into an event, SA-Response must promptly alert Leadership and minimize potential damage to the Enterprise by implementing the incident response plan.  Throughout the process, the SA-Response is expected to provide detailed reports of procedures and outcomes of any credible incident, as well as suggesting and establishing updated steps and procedures to the Incident Response Plan once containment and resolution have occurred.

 

KEY JOB FUNCTIONS:

• Review security alerts and events from various sources when presented with a credible incident (e.g., SIEM, IDS/IPS, EDR)
• Review credible security incidents to determine their current and ongoing impact and severity
• Respond to security incidents by following established incident response procedures
• Review analysis forwarded from Incident Detection to validate root cause, and then recommend mitigation strategies to leadership
• Collaborate and coordinate with cross-functional teams to improve security posture and prevent future incidents.
• Develop and maintain incident response playbooks and procedures
• Lead post-incident reviews and create detailed incident reports
• Stay up to date with the latest security threats, vulnerabilities, and industry best practices
• Participate in security assessments and audits to identify potential risks and recommend mitigation strategies
• Provide training and foster peers on security awareness and incident response protocols
• Direct and coordinate incident response activities, including containment, eradication, and recovery
• Create custom queries, searches, data models, creating correlated alerts, and dashboards on-demand as needed
• Foster a collaborative relationship with the Cybersecurity Threat Intelligence team to integrate threat intelligence information into detection and enrichment initiatives

 

EDUCATION and/or EXPERIENCE and QUALIFICATIONS: 

• Bachelor’s or Master’s degree in computer science, Information Security, or a related field
• 8+ years of experience in a SOC role
• 5+ years of experience in an Incident Response role
• Relevant certifications (e.g., CISSP, CISM, CEH, CISA, GSEC, GIAC) are a plus
• Proficiency in security architecture and design principles
• Advanced understanding of network protocols and security technologies (Firewalls, IDS/IPS)
• In-depth knowledge of compliance frameworks (NIST, ISO 27001)
• Intermediate understanding of Cryptography, authentication, and access control as well as general & specific malware and malware behavior
• Experience with Cloud security and DevSecOps practices
• Basic programming skills (Python, Java, etc.) for developing security solutions
• Experience in custom queries, searches, data models, creating correlated alerts, and dashboards
• Advanced experience with security Monitoring tools and techniques
• Strong analytical and problem-solving skills.
• Strong communication and interpersonal skills with a focus on limiting the dissemination of speculation
• Proven experience facilitating critical incident investigation with a diverse team of responders

 

PHYSICAL WORK ENVIRONMENT AND REQUIREMENTS:

Availability – 24/7 On Call

Travel – 10%

At Caesars Entertainment, Inc., our Team Members create the extraordinary. We are the largest casino-entertainment company in the U.S. and one of the world's most diversified casino-entertainment providers. Since beginning in Reno, Nevada, in 1937, Caesars Entertainment has grown through the development of new resorts, expansions and acquisitions. Our resorts operate primarily under the Caesars®, Harrah's®, Horseshoe® and Eldorado® brand names. We focus on building loyalty and value with our guests through a combination of impeccable service, operational excellence and technological leadership. The company is committed to its Team Members, suppliers, communities and the environment through its PEOPLE PLANET PLAY framework.  

Our Caesars family is driven by our Mission, Vision and Values. We take great pride in living these values – Together We Win, All In On Service and Blaze the Trail – every day. Our mission, “Create the Extraordinary”. Our vision, “Create spectacular worlds. That immerse, inspire and connect you. We don’t perform magic; we create it with excellence. #WeAreCaesars”.  If you are ready to create some magic, we invite you to explore our dynamic, yet unique, career opportunities.