Information Security, Sr Analyst SecOps

at  Cache Creek Casino Resort Brooks CA

*Cache Creek Casino Resort located in the beautiful Capay Valley in Brooks, CA.
Summary: The Information Security, Sr Analyst SecOps is responsible for maintaining confidentiality, integrity, and availability for all cyber security systems. This person will operate and maintain security software including but not limited to email security, endpoint detection and response (EDR), vulnerability management, security incident and event management (SIEM) and network detection and response (NDR). Analysts will maintain a daily checklist and create security incidents as appropriate for any findings. Analysts will also support the governance, risk, and compliance functions by monitoring security stack agents’ saturation. Finally, all actions performed by analysts will be recorded into the security incident software to ensure service level agreements are being met.
The Sr Analyst SecOps will need to demonstrate technical knowledge across different security principles and techniques, like: DLP, Vulnerability Management, EDR, Email Security, SIEM, Network Security, Encryption, and cybersecurity best practices. Ideally, this person will have strong knowledge and experience with security products like: Splunk, CrowdStrike, ZScaler, Qualys, Fidelis, Abnormal, Active Directory (AD) and Azure AD. They will also need to develop business knowledge during their tenure so that security strategies are met while providing the best user experience possible.

Essential Duties and Responsibilities include the following. Other duties may be assigned.

• Work with other IT Teams for vulnerability remediation and validation.
• Execute risk/threat-hunting activities.
• Perform security incident response activities.
• Evaluate, setup and configure security products.
• Administrate security products as part of day-to-day operations.
• Resolve security products issues that impact business operations.
• Review audit, security, and system logs and correlation with SIEM.
• Work on blue, purple, and red team exercises.
• Participate in change control meetings for evaluation of risk.
• Develop, document, and improve processes for security operations.
• Evaluate and identify security risks and report findings to management.
• Evaluate IOCs and TTPs from classified sources and extrapolate them for consumption into cyber defense tools.
• Contribute to assisting, training, and supporting other team members.
• Ensure all information security systems are operational and within SLAs.
• Track all security incidents and ensure items are being resolved within SLAs.
• Create reports and develop metrics and KPIs for cyber security tools.
• Staying up to date on trends and new tools in the security industry.

Supervisory Responsibilities: This job does not have any supervisory responsibilities.
Qualifications: To perform this job successfully, an individual must be able to perform each essential duty satisfactorily with or without reasonable accommodations. The requirements listed below are representative of the knowledge, skill and/or ability required.
Education and/or Experience: Bachelor’s degree in information security, Information technology, Computer Science or other related technology degree. Industry certifications like (ISC)2 CISSP, ISACA CISM, CompTIA Security+, CompTIA Network can also satisfy the education requirement. Experience with cyber security products (CrowdStrike, SentinelOne, ZScaler, Netskope, Splunk, Abnormal, Proofpoint, Fidelis, ExtraHop).
Strong knowledge administering multiple operating systems (Windows, Linux, macOS) and common ports and protocols. Working knowledge data loss prevention techniques and certificate management. Ability to analyze firewall rule changes for insecure configurations. Excellent understanding of security concepts including but not limited to: encryption, public key infrastructure, cloud architecture. Strong analytical and problem-solving skills. Excellent verbal and written communication skills.
Language Skills: Ability to read, analyze, and interpret common scientific and technical journals, financial reports, and legal documents. Ability to respond to common inquiries or complaints from customers, regulatory agencies, or members of the business community. Ability to write speeches and articles for publication that conform to prescribed style and format. Ability to effectively present information to top management, public groups, and/or boards of directors.
Mathematical Skills: Ability to work with mathematical concepts such as probability and statistical inference, and fundamentals of plane and solid geometry and trigonometry. Ability to apply concepts such as fractions, percentages, ratios, and proportions to practical situations.
Reasoning Ability: Ability to define problems, collect data, establish facts, and draw valid conclusions. Ability to interpret a variety of instructions furnished in written, oral, diagram, mathematical or schedule form.
Age Requirement: Must be at least 21 years of age.

• Work with other IT Teams for vulnerability remediation and validation.
• Execute risk/threat-hunting activities.
• Perform security incident response activities.
• Evaluate, setup and configure security products.
• Administrate security products as part of day-to-day operations.
• Resolve security products issues that impact business operations.
• Review audit, security, and system logs and correlation with SIEM.
• Work on blue, purple, and red team exercises.
• Participate in change control meetings for evaluation of risk.
• Develop, document, and improve processes for security operations.
• Evaluate and identify security risks and report findings to management.
• Evaluate IOCs and TTPs from classified sources and extrapolate them for consumption into cyber defense tools.
• Contribute to assisting, training, and supporting other team members.
• Ensure all information security systems are operational and within SLAs.
• Track all security incidents and ensure items are being resolved within SLAs.
• Create reports and develop metrics and KPIs for cyber security tools.
• Staying up to date on trends and new tools in the security industry