IT Security Analyst

Description

Job Summary:

As a Security Analyst, you will play a critical role in maintaining and improving the security posture of the enterprise. You will be responsible for monitoring, analyzing, and responding to security incidents, identifying vulnerabilities, and implementing security controls to protect our data, systems, and infrastructure. You will work closely with other members of the security team, IT operations, and business stakeholders to proactively identify and mitigate risks.

Duties and Responsibilities

• Monitor security systems, including Security Information and Event Management (SIEM) solutions, intrusion detection/prevention systems (IDS/IPS), endpoint detection and response (EDR) tools, firewalls, and other security technologies.
• Analyze security alerts and events to identify and investigate potential security incidents.
• Perform incident response activities, including containment, eradication, recovery, and post-incident analysis.
• Document incident details, findings, and remediation steps.
• Provide timely and accurate reporting on security incidents to management and stakeholders.
• Conduct vulnerability assessments using automated scanning tools and manual techniques.
• Analyze vulnerability scan results to identify and prioritize vulnerabilities based on risk.
• Develop and implement remediation plans to address identified vulnerabilities.
• Track vulnerability remediation progress and ensure timely resolution.
• Participate in penetration testing and red teaming exercises.
• Implement and maintain security controls based on industry best practices, regulatory requirements (e.g., GDPR, CCPA, etc.), and organizational policies.
• Review and update security policies, standards, and procedures.
• Conduct security audits and assessments to ensure compliance.
• Assist in the development and implementation of security awareness training programs.
• Stay current on the latest security threats, vulnerabilities, and attack techniques.
• Analyze threat intelligence feeds to identify and assess emerging threats.
• Conduct threat modeling and risk assessments to proactively identify and mitigate risks.
• Collaborate with other members of the security team, IT operations, and business stakeholders to ensure a coordinated security approach.
• Communicate security risks and recommendations to technical and non-technical audiences.
• Participate in cross-functional projects related to security improvements.
• Provide on-call support as needed.

Qualifications

• Bachelor's degree in Computer Science, Information Security, or a related field.
• Minimum 3 years of experience in information security, with a focus on security analysis and incident response.
• Strong understanding of security principles, concepts, and technologies, including:
  • Network security (firewalls, IDS/IPS, VPNs)
  • Endpoint security (antivirus, EDR, endpoint hardening)
  • Security Information and Event Management (SIEM) solutions.
  • Vulnerability management and penetration testing
  • Cloud security (AWS, Azure, GCP - preferred)
  • Operating system security (Windows, Linux)
  • Web application security
• Experience with incident response methodologies and frameworks (e.g., NIST, SANS).
• Experience with vulnerability scanning tools.
• Experience with scripting languages (e.g., Python, PowerShell) is a plus.
• Excellent analytical, problem-solving, and communication skills.
• Ability to work independently and as part of a team.
• Strong organizational and time management skills.
• Relevant certifications (e.g., CISSP, CISM, CEH, Security ) are a plus.

• Technical documentation skills, produced in a step-by-step manner, regarding every task.
• Must be able to work flexible schedules, including nights, weekends and holidays may be required.
• Must be at least twenty-one (21) years of age.
• Must be able to obtain a gaming license.

Physical Requirements 

• Prolonged periods of sitting at a desk and working on a computer.
• Must be able to lift 15 pounds at times.
• Ability to move between hot, noisy, and smoky conditions of bar and climate-controlled dining environment.

Catawba Indian Nation Gaming Authority exercises INDIAN PREFERENCE

Native American Indian preference shall apply to this position pursuant to the Indian Self-Determination and Education Assistance Act (24 U.S.C. 450, et seq.), 25 CFR 271.44 and other relevant laws (Title 25, U.S. code, Section 472 & 473).

Salary : $70,000 - $90,000