Security Engineer

Job Description

Description
The Security Engineer for Caesars is responsible for implementing day to day Data & Digital Security (DDS) program requirements at a tactical and operational level (network, infrastructure, applications and databases) to ensure that security controls are functioning efficiently and effectively, more specifically in the realm of perimeter security architecture, firewall engineering, security logging, monitoring, alert management, incident handling, vulnerability and configuration management, etc. Furthermore, this position also supports the DDS Team in doing security research and development, product evaluations, consulting, project support, and any other operational tasks needed to support the overall requirements of the program and strategy. The Security Engineer provides technical expertise to implement security related standards, procedures, and guidelines appropriate to securing the existing environment in partnership with various properties and Information Technology.


DIRECTLY SUPERVISES (PLEASE LIST POSITION TITLES):
N/A

KEY JOB FUNCTIONS:
Operational Planning & Management
• Act as the primary perimeter security engineer and lead security project initiatives that protect the Caesars IT enterprise network
• Act as an advisor to the properties and network/infrastructure teams and offer solutions to new risks and threats
• Support the Security Operations & Engineering (SOE) team on activities working directly with the network/infrastructure teams and project teams and take on hands-on work as needed (e.g., tight deadlines, issues, etc.)
• Support the SOE team with penetration testing and vulnerability threat assessments, security reviews and assessments, firewall rule changes, IPS fine-tuning, etc. as needed, of new systems, network changes, third-parties, etc. as part of projects
• Support the activities of the SOE team with the DDS NIS Protection Systems once they are in place (including various infrastructure and network security tools such as firewalls, IPS, anti-malware tools, etc.)
• Perform oversight and monitoring of network and system controls through the use of existing security solutions, such as Firewalls, IPS/IDS, DDoS Prevention solution, etc.
• Coordinate day-to-day operational tasks performed by the managed services provider (when required)
• Assist with reviews of company projects and provide input on potential risks, threats, and appropriate solutions to meet information security requirements.
• As needed, ensure timely responses to information security requests in the Remedy ticketing system

Security Risk Management
• Assist with the SOE aspect of various audits, PCI, assessments, etc. to ensure that all outstanding findings and gaps are resolved by the various properties and IT
• Assist in the development, implementation, and management of security policies, standards, procedures, and guidelines that will assist the network/infrastructure teams in integrating security requirements in the network and operating systems
• Be a major influence in promoting the technical understanding of new and existing information security standards, solutions and tools with respect to network and systems
• Monitor the effectiveness of corrective actions and recommending cost-effective preventive measures to preclude recurrences
• Identify areas that would benefit Internal Audit, External Audit and other regulators to enable them to streamline their audit activities and leverage DDS security tools and processes; manage the overall integration of these groups within DDS

Incident Management
• Participate in Incident Response teams as necessary and investigate possible incidents impacting the company
• Support the activities of the SOE team in all SOC procedures

Research & Development
• Perform security assessment, reviews, testing, etc. including evaluating, selecting, deploying and managing network and infrastructure security tools
• Evaluate and participate in outsourcing and/or third-party initiatives that would outsource data processing and management
• Provide technical briefings to the CISO and other key stakeholders such as the CTO on current security issues; contribute to the technical understanding and promotion of new and existing information security standards, solutions and tools; serving as a technical communication channel to the CISO
• Provide R&D and consulting support to the DDS team, IT and business projects as needed

Documentation, Reporting & Analytics
• Contribute to the design and implementation of an operational reporting framework that will provide regular metrics and statistics about our business and IT environment; analyze trends in security events, activities, etc. to better understand risks, insufficiencies in our solutions, staffing shortages, etc.; report security metrics and statistics to the CISO and other key stakeholders such as the CTO
• Document and follow-up on security exceptions relating to IT and property activities that could negatively impact security risks and/or not adhere to established policies, standards, or procedures

Performance and Training Management
• Provide training and advice to less experienced security staff and/or other non-security professionals (IT, properties, e.g.)
• Self-manage career in security by leveraging available courses in-house and courses offered externally; prepare a career plan for short-term and longer-term performance management

Organizational Planning and Management
• Contribute to projects with the IT and property teams and for projects internal to DDS
• Assist with general administrative activities in collaboration with all team members
• Support vendors' activities and relationships
• Prepare project plans and associated documentation
• Prepare status reports and other management metrics as needed

Qualifications

Palo Alto, DLP, PKI, SSO, SIEM, CISSP

Additional Information

All your information will be kept confidential according to EEO guidelines.