Cyber Security Analyst

Primary Duties and Responsibilities: include but are not limited to:

Provides guidance and direction for the protection of information systems assets to other functional units through a structured security review process.
Implement and maintain Security tools and platforms such as Network Data Loss Prevention, Cloud Access Security Broker, Privileged Access, Identity Access Management, file and removable media protection tools, and Security Awareness Training portals.
Design, document, test, maintain, and provide issue resolution recommendations for highly complex security solutions related to networking, cryptography, cloud, authentication and directory services, email, internet, applications, and endpoint security.
Engage with key stakeholders cross-functionally ensuring sufficient collaboration and interaction to uncover gaps and blind spots, then remediate those with improved strategies, processes, and controls, and execution of the CIS framework, cybersecurity platforms, and solutions.
Works on the most complex problems where analysis of situations or data requires evaluation of intangible factors.
Identify security vulnerabilities and issues, perform risk assessments, and evaluate remediation alternatives.
Collaborate and influence all levels of professionals including managers.
Maintains ongoing interactions with Mohegan's Security Vendors and Cyber Security Team Members throughout our respective properties.
Experience analyzing cyber vulnerabilities, assessing system compliance against security controls, and developing risk mitigation plans and strategies.
Support the development of security policies, standards and plans to ensure the protection of corporate data against unauthorized use, access, modification, and destruction.
Works with stakeholders in the execution of risk management, information security, and data compliance corporate initiatives across all global business units
Executes computer investigation efforts as requested and authorized by management. Participates in the Change Control Review Process for the purpose of providing Cybersecurity subject matter expertise.
Designs, delivers, monitors, and supports the System Access Review Process. Ensures the user community understands and adheres to necessary procedures and policies to maintain security.
Ensures Cybersecurity environment is secure and appropriate recovery and redundancy issues are addressed.
Is a top-level technical contributor with advanced knowledge and experience in Cybersecurity and related hardware and software?
Maintains a high level of technical expertise and knowledge of current products, to determine which best meet the organization's needs.
Presents information to management that may result in purchasing and installing hardware, software, and equipment.
Authors, reviews, and maintains network technical documentation and library of functional specifications.
Acts as an internal consultant and mentor, providing technical guidance to junior staff.
Design: Works with management, peers, and vendors to design and implement hardware/software configurations, logical models, operational management models, and business continuity plans for systems under management. Ensures Service Level Objectives are met.
Support: Works with management, peers, and vendors to provide ongoing monitoring, performance tuning, implementation, and fault root cause analysis for systems under management. Ensures Service Level Objectives are met.
Technical Writing: Creation and maintenance of troubleshooting and operational documentation for all systems under management. Authors and peer-reviews knowledgebase articles documenting fault root causes and their respective resolutions.
Training: Provides and receive cross-discipline training to ensure maximum availability of systems under management
Communications: Communicates effectively verbally, and in written form. Carries and responds to the off-hours communications device, in order to provide 24x7x365 support for systems under management.
Continuous Improvement: Actively pursues opportunities, as an individual and as part of a group, to improve knowledge, tools, and processes for systems under management.

Secondary Duties and Responsibilities:

Promotes superior customer service.
Provides enterprise-wide support as needed.
Responsible for maintaining and enforcing confidentiality and privacy rules pursuant to all applicable regulations.
Participates in and complies with Mohegan 's Change Management process and methodology.
Responsible for enforcing the privacy rules pursuant to the Health Insurance Portability and Accountability Act of 1996 (HIPAA) as applicable to Mohegan.
Provides on-call 24/7/365 production support for designated systems.

Minimum Education and Qualifications:

Bachelor's degree in computer science, Engineering, Business, or a related field, and five years of progressive Information Technology experience
Two years of experience as a Cybersecurity Specialist providing support to an enterprise Cybersecurity infrastructure for a corporation of at least 2,000 employees
Two years of experience in developing IAM solutions in cloud service providers (Microsoft Azure & Amazon Web Services)
CISSP or equivalent certification(s) or experience
Experience with various Cybersecurity frameworks (CIS, COBIT, ISO 27001/27002, NIST, etc.)
Experience with SIEM systems, threat intelligence, and behavioral-based systems for monitoring security issues
Possess an excellent understanding of technology infrastructures, such as Routing/Switching, Firewalls, VPN, Data Loss Prevention, Intrusion Detection/Prevention, Web-Proxy, Behavior Analytics, End Point Detection/Response (EDR), Cloud Security, and security audits/assessments
Demonstrate excellent problem-solving skills, is well organized, flexible, and self-motivated.
Possess an analytical mindset and a detailed understanding of cyber security methodologies. Possess meticulous attention to detail and work comfortably under pressure and deliver on tight deadlines.
Stay current on cyber security trends and news to help continually develop company-wide best practices for cyber security.
Experience securing cloud systems (IaaS/PaaS/SaaS).
Experience with assessments, audits, and regulatory compliance
Ability to obtain and maintain gaming licensure in one or more jurisdiction.
Ability to work in a team environment, as well as independently.
Excellent written and verbal communication skills
In lieu of bachelor's degree an associate degree in computer science, Engineering, Business or a related field, and eight years of progressive Information Technology experience may be considered in addition to the qualifications above

Competencies: Incumbent will master the following competencies while in this position:

Expert knowledge of all currently deployed Mohegan Cybersecurity products
Intermediate knowledge of Microsoft Visio and other design and documentation tools
Knowledge of the Control Objectives for Information and related Technology (COBIT) and the Information Technology Infrastructure Library (ITIL)
Excel at process improvement and root cause analysis

Physical Demands and Work Environment:

Office and work from home environment
Must be able to sit in front of a computer screen for extended periods of time.
Requires occasional off-shift work, including late night and early morning hours.
25% domestic and international travel may be required for this position.
Must be able to work various shifts and flexible hours

This is not necessarily an exhaustive list of all responsibilities, requirements or working conditions associated with the job. Mohegan reserves the right to make changes in the above job description whenever necessary.

Mohegan Sun practices Native American Preference. "Native American" means an individual who is duly enrolled member of the Mohegan Tribe or duly enrolled member of any group of Native Americans recognized as an Indian Tribe by the Mohegan Tribe, the United States, or the State of Connecticut.