Sr Cyber Defense Security Specialist

Boyd Gaming•Las Vegas, NV

17h

About The Position

Subject matter expert and technical leader who is passionate about complex information security technology, topics and issues. Responsible for technical and operational duties in the areas of computer network defense analysis, vulnerability assessment and management, incident response and management, threat intelligence, data loss prevention, digital forensics, and threat hunting. Provides customer service and technical support with the goal of improving the overall security posture of the organization. Responsible for documenting, monitoring and reporting on various security related systems and processes to ensure system and data integrity, security and availability. Creation of policy, day to day management, administration and maintenance of Information Security tool set. Identification of any tool or visibility gap in the existing tool set. Identification of team requirements for any given technology, documentation of the current or proposed architecture, lead any proof of concept and document results, quantify any recommendations for the use of any new security tool, process or procedure. Cross training the team on day to day use, standard operating procedures and tuning of the security tool set. Analyze threat intelligence and risks. Identify and document impact to Boyd and any mitigation or remediation actions required. Lead initiatives and own the outcomes related to remediation or mitigation against identified day zero attacks. Liaise with cross functional teams to facilitate and ensure implementation of any necessary tasks to defend against the risk. Escalation point and technical subject matter expert for Security Analysts and any third-party security providers. Responsible for tracking all security incidents to resolution. Leading defensive protocols and programs when attacks occur. Simulating attacks to identify potential areas of weakness in defenses and alerting. Writing detailed reports and providing accurate metrics. Perform the role and duties of an internal expert on matters relating to threat detection and incident response. Lead investigations into attacks and indicators of compromise. Provide a coordinated response to applicable complex cyber-attacks. Contribute to the ongoing development and improvement of security monitoring and incident response processes and solutions as required to support Boyd’s Information Security program and exceed team objectives. Tracking cybersecurity news and trends for applicable systems, and reporting concerns to appropriate resources. Documenting and updating security related policies, including participation in the periodic review process and managing policy exceptions and risk acceptances in coordination with the Boyd Risk and Compliance teams. Manage, update, modify alerts, adjust/tune event correlation rules to increase accuracy/relevance/effectiveness and create new rules based on threat changes and evolving risks. Use creativity and innovation to automate and streamline team processes and procedures. Perform event correlation, analysis of malicious activity indicators and appropriate response based on review and access to multiple security tools.

Requirements

Bachelor's Degree in Information Technology or Cyber Security, and/or equivalent experience
7-10 years of professional Information Security Incident Response/ Forensics/ SOC experience
Proven experience with Information Security industry best practices
Proven experience with System/ Application vulnerabilities, threats and exploitation
Proven experience with malware analysis (dynamic and static) or forensic examination
Advanced knowledge and understanding of Windows, Linux, Unix and networking
Understanding of ISO 27001 / 2700 2, NIST Cybersecurity Framework, COBIT, SOX, PCI, CCPA and ITIL
Expert level computer and IT skills
Advanced analytical and problem-solving skills
High levels of creativity, patience and ability to remain calm and focused in a crisis
Highly motivated, self-starter, competitive, and attracted to challenging opportunities
Demonstrated strong decision-making skills
Having a logical and analytical approach to problem-solving, being able to assess situations and decide on the best course of action; understanding test results and developing solutions
Demonstrated advanced organizational and time management skills
Completing tasks in a timely manner; being detail-oriented, able to perform repetitive tests in a thorough and consistent manner; being able to work on several tasks at the same time while still accomplishing goals and deadlines
Advanced communication skills
Being able to articulate technical issues and requirements in a clear and non-technical manner
Excellent teamwork skills
Ability to partner with the business and cross functional IT teams, working as a cohesive and effective unit
Highest levels of honesty, integrity and objectivity
Ability to remain objective when analyzing weaknesses and proposed new solutions; being responsible and understanding the level of trust required to handle private and highly sensitive information and situations

Nice To Haves

Masters ' Degree in Computer Science or Information Security (Preferred)

Responsibilities

computer network defense analysis
vulnerability assessment and management
incident response and management
threat intelligence
data loss prevention
digital forensics
threat hunting
documenting, monitoring and reporting on various security related systems and processes
Creation of policy, day to day management, administration and maintenance of Information Security tool set
Identification of any tool or visibility gap in the existing tool set
Identification of team requirements for any given technology, documentation of the current or proposed architecture, lead any proof of concept and document results, quantify any recommendations for the use of any new security tool, process or procedure
Cross training the team on day to day use, standard operating procedures and tuning of the security tool set
Analyze threat intelligence and risks
Identify and document impact to Boyd and any mitigation or remediation actions required
Lead initiatives and own the outcomes related to remediation or mitigation against identified day zero attacks
Liaise with cross functional teams to facilitate and ensure implementation of any necessary tasks to defend against the risk
Escalation point and technical subject matter expert for Security Analysts and any third-party security providers
Responsible for tracking all security incidents to resolution
Leading defensive protocols and programs when attacks occur
Simulating attacks to identify potential areas of weakness in defenses and alerting
Writing detailed reports and providing accurate metrics
Perform the role and duties of an internal expert on matters relating to threat detection and incident response
Lead investigations into attacks and indicators of compromise
Provide a coordinated response to applicable complex cyber-attacks
Contribute to the ongoing development and improvement of security monitoring and incident response processes and solutions as required to support Boyd’s Information Security program and exceed team objectives
Tracking cybersecurity news and trends for applicable systems, and reporting concerns to appropriate resources
Documenting and updating security related policies, including participation in the periodic review process and managing policy exceptions and risk acceptances in coordination with the Boyd Risk and Compliance teams
Manage, update, modify alerts, adjust/tune event correlation rules to increase accuracy/relevance/effectiveness and create new rules based on threat changes and evolving risks
Use creativity and innovation to automate and streamline team processes and procedures
Perform event correlation, analysis of malicious activity indicators and appropriate response based on review and access to multiple security tools