Security Analyst II

Under the direction of the Manager, Information Security Operations, the Security Analyst II is responsible for ensuring that information assets are adequately protected by actively maintaining and improving the enterprise Information Security program. This role is familiar with information technology systems and works closely with the Information Technology (IT) department to ensure proper security rules and procedures are in place for all current and future IT systems.

This position champions a security mindset to all enterprise team members and recognizes the value of standards, policy, and procedures, operational effectiveness, and high availability. This position supports new capabilities and assists in security assessments to identify vulnerabilities, remediation strategies, and supports the implementation of effective safeguards. This position also supports incident response activities, analysis, remediation, mitigation, and assists with post-incident activities.

ESSENTIAL DUTIES AND RESPONSIBILITIES

1. Drives incident response and issue management resulting from security investigations; collaborates with technical and enterprise leadership to follow up on security incident management processes and procedures; assists in development and resolution of daily incident reports. Incidents include, but are not limited to, intrusion detection, malware infections, denial of service attacks, data leak protections, privileged account misuse and network breaches.
2. Develops, drives, and enhances security use cases with the enterprise Managed Security Services Provider (MSSP) services, Security Information and Event Management (SIEM) platform, and distributed cybersecurity toolsets.  Leverages the use of existing technologies within the enterprise including programming, scripting, or other software and system integration.

3. Monitors security logs and alerts to identify, analyze, and investigate potential security incidents. Participates in on-call rotation to support after-hours security incidents and operational support.

4. Validates environment controls to ensure systems are operating securely and data is protected from both internal and external attacks.  May consist of endpoint protections, data leak prevention, system configurations, processes, and account utilization.

5. Recommends and assists in the remediation of security controls and enhancements to reduce risk throughout enterprise systems, data, and network. May include environmental security controls, compensating controls, and exception management.

6. Documents existing enterprise security systems configuration, processes, procedures, and recommends improvements and/or alternatives.

7. Provide cradle-to-grave lifecycle management of cybersecurity toolsets within the Information Security program.  This includes designing, planning, acquisition, inventory, process documentation, deployment, administration, maintenance, configuration change management, monitoring, troubleshooting, capacity estimation, status, service metrics reporting, decommissioning, and other service assurance activities.

8. Conducts research on emerging security technologies to support system development efforts and recommends technologies to increase cost-effectiveness and flexibility in a holistically secure environment. Provides security expertise and assistance to Business Analysts, Network Technicians, Systems Architects, and software development teams.

9. Maintains an understanding of Tribal Goals, Tribal Gaming requirements, enterprise policies, industry gaming requirements, and Minimum Internal Control Standards (MICS) concerning security issues.

10. Performs other duties as assigned to support the efficient operation of the department.

EDUCATIONAL, EXPERIENCE AND QUALIFICATIONS

• Bachelor’s degree in information security, technology, statistics, mathematics, or related field required.

• Minimum four (4) years of experience in an information security role required.

• Experience with Casino and Tribal government technology and security goals strongly preferred.

• Experience with the following technology preferred:

  • Artificial Intelligence tools and techniques

  • Data Loss Protection

  • Forensic Software Suites

  • Network Infrastructure

  • Virtualization Platform Security

  • Operating Systems Security

  • Access Management Security

  • Privileged Access Management

• Related, relevant, and/or direct experience may be considered in lieu of minimum educational requirements indicated above.

KNOWLEDGE, SKILLS AND ABILITIES (KSA)

• Must have strong communications and presentation skills.

• Must understand the value of standards, policy and procedures, operational effectiveness, and high availability.

LICENSES, CERTIFICATIONS AND REGISTRATIONS

• At the discretion of the San Manuel Tribal Gaming Commission, you may be required to obtain and maintain a gaming license.

• Certifications in one of the following: Information Technology Infrastructure Library (ITIL), Information Systems Audit and Control Association (ISACA), The Computing Technology Industry Association (CompTIA), International Information System Security Certification Consortium (ISC2), SysAdmin, Audit, Network, and Security (SANS), Global Information Assurance Certification (GIAC) required.

• No Driving Responsibilities: Role does not require a driver’s license or insurance.

PHYSICAL REQUIREMENTS/ WORKING CONDITIONS – ENVIRONMENT

The physical demands and working environment described here are representative of those that an employee encounters and must be met by an employee to successfully perform the essential functions of this job.

• Primary work environment is in a climate-controlled office setting.

• Work requires travel to attend meetings, trade shows, and conferences.

• Incumbents may be required to work evening, weekend and holiday shifts.

• Must be able to work in a fast-paced, high-demand environment.

• Strength sufficient to exert up to 10 pounds of force occasionally and/or a negligible amount of force frequently or constantly to lift, carry, push, pull or otherwise move objects and/or move up to 40 pounds occasionally.

• Sedentary work: involves sitting most of the time. Constantly operates a computer and other office productivity machinery, such as a calculator, copy machine, and computer printer.

• Physical activities that apply to the essential functions of the position are balancing, stooping, kneeling, crouching, reaching, pushing, pulling, lifting, grasping, talking, hearing, and repetitive motions.

• Hearing sufficient to hear conversational levels in person, via videoconference and over the telephone.

• Speech sufficient to make oneself heard and understood in person, in front of groups, in meetings, via videoconference and over the telephone.

• Visual acuity that meets the requirements of the position: The worker is required to have close visual acuity to perform an activity such as preparing and analyzing data and figures; transcribing; viewing a computer terminal; expansive reading and visual inspection of employees, visitors or facility.

• Mobility sufficient to safely move in an office environment, walk, stoop, bend and kneel, and enter, exit and operate a motor vehicle in the course of travel to promotional events, meetings, conferences, trade shows and San Manuel properties.

• Endurance sufficient to sit, walk and stand for extended periods, and maintain efficiency throughout the entire work shift and during extended work hours.

• The employee may be exposed to fumes or airborne particles including secondhand smoke.

Reasonable accommodation will be made in compliance with all applicable law.

As one of the largest private employers in the Inland Empire, San Manuel deeply cares about the future, growth and well-being of its employees. Join our team today!