Senior Information Security Analyst
Department / Function: Technology ~ Technology
We require an experienced Senior Information Security Analyst to deliver in all facets of SCIENTIFIC GAMES’s enterprise networks and to support information and IT security efforts of the Risk Management Office. You will work with business and technology departments and teams to ensure security policy compliance, and regulatory security concerns are met as well as providing reports, metrics and perform assessment and trend analysis. There will be a requirement to assist in the Enterprise Information Protection (EIP) program using Data Loss Protection tools (DLP).
Essential Job Functions:
- Assist in the implementation and on-going support of IT Security policies, standards and procedures including EIP/DLP.
- Support all corporate information security tools and initiatives, including DLP, source code management, intellectual property management, personal/financial licensing tool management and legal e-discovery tools.
- Support security projects and work with business owners, clients and system managers.
- Review the networking infrastructure and systems to ensure security best practices and standards are implemented and followed.
- Support Risk Management Office on internal audit, Legal, Human Resources and Physical Security to address audit, risk and compliance concerns.
- Assist in security initiatives to meet regulatory requirements such as SOX and penetration audits.
- Monitor information security compliance using various tools and technology including identity and access management.
- Own and drive incident management bridge calls and chats with production management, application development, infrastructure teams, and senior leadership with the purpose of remediating customer impacting incidents quickly.
- Establishing strong command and control of an Incident, establishing clear accountability and methodical evaluation of complex issue scenarios.
- Competent and reliable adherence to critical process and procedure, and appropriate escalations in support of production incidents.
- Applying technical and environmental knowledge and experience to develop and drive appropriate work streams, forming paths to resolution.
- Distribution of clear and concise communications, summarizing incidents and the business/customer experience to a wide group of technical and non-technical audiences.
- Ensure incident data is accurately captured and documented in the incident recording tools.
- Priming appropriate materials and follow ups to hand-off to the Root Cause Analysis phase in the Problem Management process.
- AS Information Technology or equivalent
- Desirable certifications include CompTIA Network+, Security+, Cisco CCNA, Microsoft MCSE
- Assess security risk, research and recommend countermeasures in accordance with Scientific Games requirements, conduct formal security engineering assessments and security assessments.
- Have extensive knowledge of McAfee ePO, Encryption, DLP, and MOVE.
- Proficient with ForcePoint web filtering, Crowd Strike Falcon Host, IMPERVA Incapsula, and Avecto.
- Minimum Security+ or equivalent certifications
- Experience in Information Security and AA/AS degree
- IT operations or audit background
- Cisco, Microsoft Windows, Oracle databases (EBS)and Unix enterprise networking
- 0-3 years or more of Security related experience or equivalent training
- Experienced in identifying and preventing security breaches
- Security-related hardware and software experience; LAN/WAN, WLAN management and systems security administration
Knowledge, Skills, & Abilities:
- Top troubleshooting skill
- Team-building approach
- Customer service oriented
- Well-versed in Network Security tools, processes and software vulnerability issues
- Extensive knowledge of McAfee® ePolicy Orchestrator®
- The ability to change priorities and focus quickly to address the needs of the business