Under the direction of the Manager, Information Security Operations, the Security Analyst is responsible for ensuring that information assets are adequately protected by actively maintaining and improving the enterprise Information Security program. The Security Analyst is familiar with information technology systems and works closely with the Information Technology (IT) department to ensure proper security rules and procedures are in place for all current and future IT systems. The Security Analyst champions a security mindset to all enterprise team members and recognizes the value of standards, policy and procedures, operational effectiveness, and high availability. This position supports new capabilities and assists in security assessments to identify vulnerabilities, remediation strategies, and supports the implementation of effective safeguards. The Security Analyst also supports incident response activities, analysis, remediation, mitigation, and assists with post-incident activities.

Essential Duties & Responsibilities

1. Provides incident response and issue management resulting from security investigations; collaborates with technical and enterprise leadership to follow up on security incident management processes and procedures; assists in development and resolution of daily incident reports. Incidents include, but are not limited to, intrusion detection, malware infections, denial of service attacks, data leak protections, privileged account misuse and network breaches.

2. Develops and enhances security use cases with the Tribe’s Managed Security Services Provider (MSSP) services, Security Information and Event Management (SIEM) platform, and distributed cyber security toolsets.  Leverages the use of existing technologies within the enterprise including programming, scripting, or other software and system integration work.

3. Monitors security logs and alerts to identify and investigate potential security incidents. Participates in on-call rotation to support after-hours security incidents and operational support.

4. Validates environment controls to ensure systems are operating securely and data is protected from both internal and external attacks.  May consist of endpoint protections, data leak prevention, system configurations, processes, and account utilization.

5. Recommends and assists in the remediation of security controls and enhancements to reduce risk throughout enterprise systems, data, and network. May include environmental security controls, compensating controls, and exception management.

6. Documents existing enterprise security systems configuration, processes, procedures and recommends improvements and/or alternatives.

7. Provide cradle-to-grave lifecycle management of cyber security toolsets within the Information Security program.  This includes designing, planning, acquisition, inventory, process documentation, deployment, administration, maintenance, configuration change management, monitoring, troubleshooting, capacity estimation, status, and service metrics reporting, decommission and other service assurance activities.

8. Conducts research on emerging security technologies to support system development efforts and recommends technologies to increase cost effectiveness and flexibility in a holistically secure environment. Provides security expertise and assistance to Business Analysts, Network Technicians, Systems Architects, and software development teams.

9. Maintains an understanding of Tribal Goals, Tribal Gaming requirements, enterprise policies, industry gaming requirements, and Minimum Internal Control Standards (MICS) concerning security issues.

10. Performs other duties as assigned to support the efficient operation of the department.

Education/Experience/Qualifications

• Bachelor’s degree in information security, technology, statistics, mathematics, or related field is required.

• Minimum of Six (6) years of information security, technology or related experience is required with at least three (3) years of experience in one or more of the following areas is required:

  • Security Information and Event Monitoring (SIEM).

  • Host Intrusion Detection and Prevention Systems (HIDS/HIPS).

  • Enterprise security controls.

  • Security Orchestration and Automated Response.

  • Incident Response Programs.

• Related, relevant, and/or direct experience may be considered in lieu of minimum educational requirements indicated above. 

• Experience in troubleshooting through Open Systems Interconnection (OSI)Model:

  • Network security monitoring, traffic analysis, packet capture.

  • Network Access Control technologies.

  • Transmission Control Protocol and the Internet Protocol (TCP/IP) networking and routing protocols.

  • Implementing two-factor authentication.

• Experience with the following technology preferred:

  • Data Loss Protection.

  • Forensic Software Suites.

  • Network Infrastructure.

  • Virtualization Platform Security.

  • Operating Systems Security.

  • Access Management Security.

  • Privileged Access Management.

• Must have strong communications and presentation skills.

• Familiarity with Casino and Tribal government security goals and objectives is preferred.

• Must understand the value of standards, policy and procedures, operational effectiveness, and high availability.

Certificates/Licenses/Registrations

• At the discretion of the San Manuel Tribal Gaming Commission, you may be required to obtain and maintain a gaming license.

• Certifications in System, Network and Data Security are preferred.

• Global Information Assurance Certification (GIAC) is preferred.

San Manuel Band of Mission Indians will make reasonable accommodations in compliance with applicable law.

As one of the largest private employers in the Inland Empire, San Manuel deeply cares about the future, growth and well-being of its employees. Join our team today!