SOC ANALYST II - CYBER SECURITY

The primary responsibility of the

• Assist Analyst I – Cyber Security in monitoring reports from cyber devices to determine which reported items are valid
• Assist Analyst I – Cyber Security in analyzing valid items for actionable events
• Assist Analyst I – Cyber Security in escalating actionable events to appropriate analyst or engineer for further analysis
• Respond to items escalated to mid-tier
• Conduct advanced analysis of cyber security threats
• Scan for anomalies using cyber security tools
• Analyze and escalate appropriate items to Sr Analyst – Cyber Security
• Perform mid-tier forensics activities
• Review error conditions
• Document error conditions into ticketing system and escalate to the responsible Engineer
• Review & respond to system incidents
• Create metrics reports and/or automate reports for IT Compliance
• Perform maintenance on security equipment as needed
• Brief metrics collected to the department for various systems.
• Coordinate SIEM activities where applicable
• Write and maintain run books and topology / data flow drawings for each solution
• Conduct quarterly audits of baselines
• Analyze items escalated and determine further escalation and/or actions and next steps.
• Participate in the investigation of security violations and breaches - may prepare and present reports on intrusions as needed
• Create and provide reoccurring health reports for network and host-based security solutions

• 21 years of age.
• Proof of authorization to work in the United States
• Bachelor’s degree preferred or equivalent work experience
• Must be able to obtain and maintain a Nevada Gaming Control Board Registration and any other certification or license, as required by law or policy.
• Professional cyber related membership and certification required
• 2 – 5 years of experience in cyber technologies to include tuning appliances, hardening, and maintenance, analysis of cyber tool alerts and/or results, and tiered escalation or equivalent education in cyber or IT related fields.
• Experience or equivalent education/certifications in at least 2 of these areas:
• Automated log correlation
• IDS/IPS operation and reporting
• Web service cyber tools
• Firewalls
• Scanning tools and reporting
• Forensic tools and analysis
• SIEM operations
• Gaming industry experience preferred
• Knowledge of metrics development and presentations
• Knowledge of privacy and data protection regulatory requirements
• Must be able to work varied shifts, including nights, weekends and holidays.