Cyber Security Analyst

Description

Arrow International is the world's largest manufacturer and supplier of charitable gaming products and solutions. We produce and distribute a wide array of products including consumables (pull tab tickets, bingo paper and ink, etc.) as well as world class, state-of-the-art, electronic gaming products. Our products are sold, installed, and operated in numerous social and gaming venues around the world. We continue to grow at a record pace and offer this exciting career opportunity to join our team where we are focused on attracting and engaging exceptional talent, empowering colleagues to achieve fulfilling careers, and creating fun and engaging products that are second to none for our customers.

Position Summary

As a Cyber Security Analyst II working on the Arrow E-Gaming R&D team, you will be responsible for building and managing a Cyber Security program that our team of over 50 Software developers will utilize to build modern, secure gaming products.  In addition to working with Arrow’s Corporate Technology team, you will work closely with cross-functional teams within R&D, including Dev Ops and Systems Engineering, to identify and remediate security vulnerabilities in our products and process.  You will also liaise with outside security auditors, implement security controls to mitigate risks, and increase the overall Cybersecurity posture of our state-of-the-art product line. 

Primary Roles and Responsibilities

• Develop and maintain security policies, procedures, and guidelines that govern the R&D team’s security operations, ensuring compliance with regulatory requirements and industry best practices. 
• Conduct vulnerability assessments and penetration tests on our products and development systems to identify weaknesses and gaps in our security controls, and work with Corporate Technology and R&D teams to implement remediation measures. 
• Manage product development security awareness initiatives by developing training materials, conducting security awareness sessions, and educating R&D employees about security best practices and policies. 
• Stay updated on the latest cybersecurity threats, trends, and technologies, and provide recommendations for security enhancements and improvements to our development pipeline. 
• Collaborate with stakeholders across the organization to communicate security risks and requirements and provide guidance on security best practices and  controls. 
• Investigate security incidents to determine the root cause, extent of impact, and potential remediation actions, and document findings in incident reports. 

Requirements

• Understanding of software development technology and software development life cycles. 
• Strong working knowledge of endpoint security best practices and threat prevention. 
• Working knowledge of Cloud security frameworks, management on Azure and AWS. 
• Familiar with vulnerability assessment, analysis, and remediation processes. 
• Familiar with  risk management frameworks, assessment methodologies/process 
• Ability to  identify, assess, and mitigate security risks. 
• Experience with security awareness platforms. 
• Capable of  developing and delivering security awareness training programs. 
• Strong analytical and problem-solving skills. 
• Excellent communication and people skills. 
• Ability to work collaboratively in a team environment. 
• Strong organizational skills and attention to detail. 
• Experience with organizational tools such as Smartsheets, Jira, Confluence, etc.