icrunchdata Network Uncasville, Montville, CT, USA
Dec 08, 2019Full-time
Position Summary: This position is responsible for designing and implementing the necessary controls and procedures to cost-effectively protect information systems assets from intentional or inadvertent modification, disclosure or destruction. Assists in the development and implementation of security policies and procedures (e.g., user log-on and authentication rules, security breach escalation procedures, security auditing procedures and use of firewalls and encryption routines). Prepares status reports on security matters to develop security risk analysis scenarios and response procedures. Responsible for the tracking and monitoring of software viruses. Enforces security policies and procedures by administering and monitoring security profiles, reviews security violation reports and investigates possible security exceptions, updates, and maintains and documents security controls. Involved in the evaluation of products and/or procedures to enhance productivity and effectiveness. Provides direct support to the business and IT staff for security related issues. Educates IT and the business about security policies and consults on security issues regarding user built/managed systems. Represents the security needs of the organization by providing expertise and assistance in all IT projects with regard to security issues. Primary Duties and Responsibilities: includes but not limited to: Provides guidance and direction for the protection of information systems assets to other functional units through a structured security review process. Delivers reports to superiors regarding effectiveness of data security and makes recommendations for the adoption of new procedures. Acts as primary application support and administrator of information security technical platforms including, ePolicy Orchestrator, Websense, ArcSight SIM, FoundScan and remote access technologies. Executes computer investigation efforts as requested and authorized by management. Participates on the Change Control Review Board for the purpose of providing information security subject matter expertise. Designs, delivers, monitors and supports the System Access Review Process. Ensures the user community understands and adheres to necessary procedures and policies to maintain security. Ensures information security environment is secure and appropriate recovery and redundancy issues are addressed. Responsible for technical architecture and makes recommendations related to information security. Is a top-level technical contributor with advanced knowledge and experience in the area of information security and related hardware and software. Maintains a high level of technical expertise and knowledge of current products, to determine which best meet the organizations needs. Presents information to management that may result in the purchase and installation of hardware, software and equipment. Authors, reviews and maintains network technical documentation and library of functional specifications. Acts as an internal consultant and mentor, providing technical guidance to junior staff. Design: Works with management, peers and vendors to design and implement hardware/software configurations, logical models, operational management models, and business continuity plans for systems under management. Ensures Service Level Objectives are met. Support: Works with management, peers and vendors to provide ongoing monitoring, performance tuning, implementation, and fault root cause analysis for systems under management. Ensures Service Level Objectives are met. Technical Writing: Creation and maintenance of troubleshooting and operational documentation for all systems under management. Authors and peer-reviews knowledgebase articles documenting fault root causes and their respective resolutions. Training: Provides and receives cross-discipline training in order to ensure maximum availability of systems under management. Communications: Communicates effectively verbally, and in written form. Carries and responds to off-hours communications device, in order to provide 24x7 support for systems under management. Continuous Improvement: Actively pursues opportunities, as an individual and as part of a group, to improve knowledge, tools and processes for systems under management. Secondary Duties and Responsibilities: Promotes superior customer service Provides enterprise-wide support as needed Responsible for maintaining and enforcing confidentiality and privacy rules pursuant to all applicable regulations Participates in and complies with Mohegan Sun’s Change Management process and methodology Responsible for enforcing the privacy rules pursuant to the Health Insurance Portability and Accountability Act of 1996 (HIPAA) as applicable to Mohegan Sun Provides on-call 24/7 production support for designated systems Minimum Education and Qualifications: Bachelors’ Degree in Computer Science, Engineering, Business or a related field, and four years of progressive Information Technology experience Two years of experience as an Information Security Specialist providing support to an enterprise information security infrastructure for a corporation of at least 2,000 employees Demonstrated technical knowledge of local and wide area networking, operating systems, security best practices and architectures Experience in reading, analyzing and interpreting documents and technical procedures Experience in the secure configuration/implementation of firewalls, intrusion detection/prevention systems, internet proxies, security information management products and host-based configurations Ability to obtain and maintain gaming licensure in one or more jurisdictions OR Associates Degree in Computer Science, Engineering, Business or a related field, and eight years of progressive Information Technology experience Two years of experience as an Information Security Specialist providing support to an enterprise information security infrastructure for a corporation of at least 2,000 employees Demonstrated technical knowledge of local and wide area networking, operating systems, security best practices and architectures Experience in reading, analyzing and interpreting documents and technical procedures Experience in the secure configuration/implementation of firewalls, intrusion detection/prevention systems, internet proxies, security information management products and host-based configurations Ability to obtain and maintain gaming licensure in one or more jurisdictions. Competencies : Incumbent will master the following competencies while in this position: Expert knowledge of all currently deployed Mohegan Sun Information Security products. Intermediate knowledge of Microsoft Visio and other design and documentation tools. Knowledge of the Control Objectives for Information and related Technology (COBIT) and the Information Technology Infrastructure Library (ITIL). Excel at process improvement and root cause analysis. Excellent written and verbal communication skills Training Requirements: Knowledge of Mohegan Sun corporate and department policies and procedures Appropriate regulations that pertain to Mohegan Sun information systems Review and analysis of department timesheet information Mohegan Sun technical architecture and standards Physical Demands and Work Environment: Office work environment Must be able to sit in front of a computer screen for extended periods of time Requires occasional off-shift work, including late night and early morning hours. Ability to travel to remote locations up to 25%. Must be able to work various shifts and flexible hours This is not necessarily an exhaustive list of all responsibilities, requirements or working conditions associated with the job. MGE reserves the right to make changes in the above job description whenever necessary.