Security Engineer, LD
The Security Engineer for Caesars is responsible for implementing day to day Data & Digital Security (DDS) program requirements at a tactical and operational level (network, infrastructure, applications and databases) to ensure that security controls are functioning efficiently and effectively, more specifically in the realm of perimeter security architecture, firewall engineering, security logging, monitoring, alert management, incident handling, vulnerability and configuration management, etc. Furthermore, this position also supports the DDS Team in doing security research and development, product evaluations, consulting, project support, and any other operational tasks needed to support the overall requirements of the program and strategy. The Security Engineer provides technical expertise to implement security related standards, procedures, and guidelines appropriate to securing the existing environment in partnership with various properties and Information Technology.
DIRECTLY SUPERVISES (PLEASE LIST POSITION TITLES):
KEY JOB FUNCTIONS:
Operational Planning & Management
- Act as the primary perimeter security engineer and lead security project initiatives that protect the Caesars IT enterprise network
- Act as an advisor to the properties and network/infrastructure teams and offer solutions to new risks and threats
- Support the Security Operations & Engineering (SOE) teams on activities working directly with the network/infrastructure teams and project teams and take on hands-on work as needed (e.g., tight deadlines, issues, etc.)
- Support the SOE team with penetration testing and vulnerability threat assessments, security reviews and assessments, firewall rule changes, IPS fine-tuning, etc. as needed, of new systems, network changes, third-parties, etc. as part of projects
- Support the SOE team with certificate services, single-sign-on (SSO), multi-factor-authentication (MFA), deployment of these onto mobility-related devices, cloud collaborative services such as Box.com, security reviews and assessments, etc. as needed, of new systems, network changes, third-parties, etc. as part of projects
- Support the activities of the SOE team with the DDS NIS Protection Systems once they are in place (including various infrastructure and network security tools such as firewalls, IPS, anti-malware tools, etc.)
- Perform oversight and monitoring of network and system controls through the use of existing security solutions, such as Firewalls, IPS/IDS, DDoS Prevention solution, etc.
- Coordinate day-to-day operational tasks performed by the Security Operations Center (when required)
- Assist with reviews of company projects and provide input on potential risks, threats, and appropriate solutions to meet information security requirements.
- As needed, ensure timely responses to information security requests in the Remedy ticketing system
Security Risk Management
- Assist with the SOE aspect of various audits, PCI, assessments, etc. to ensure that all outstanding findings and gaps are resolved by the various properties and IT
- Assist in the development, implementation, and management of security policies, standards, procedures, and guidelines that will assist the network/infrastructure teams in integrating security requirements in the network and operating systems
- Be a major influence in promoting the technical understanding of new and existing information security standards, solutions and tools with respect to network and systems
- Monitor the effectiveness of corrective actions and recommending cost-effective preventive measures to preclude recurrences
- Identify areas that would benefit Internal Audit, External Audit and other regulators to enable them to streamline their audit activities and leverage DDS security tools and processes; manage the overall integration of these groups within DDS
- Participate in Incident Response teams as necessary and investigate possible incidents impacting the company
- Support the activities of the SOE team in all SOC procedures
Research & Development
- Perform security assessment, reviews, testing, etc. including evaluating, selecting, deploying and managing network and infrastructure security tools
- Evaluate and participate in outsourcing and/or third-party initiatives that would outsource data processing and management
- Provide technical briefings to the CISO and other key stakeholders such as the CTO on current security issues; contribute to the technical understanding and promotion of new and existing information security standards, solutions and tools; serving as a technical communication channel to the CISO
- Provide R&D and consulting support to the DDS team, IT and business projects as needed
Documentation, Reporting & Analytics
- Contribute to the design and implementation of an operational reporting framework that will provide regular metrics and statistics about our business and IT environment; analyze trends in security events, activities, etc. to better understand risks, insufficiencies in our solutions, staffing shortages, etc.; report security metrics and statistics to the CISO and other key stakeholders such as the CTO
- Document and follow-up on security exceptions relating to IT and property activities that could negatively impact security risks and/or not adhere to established policies, standards, or procedures
Performance and Training Management
- Provide training and advice to less experienced security staff and/or other non-security professionals (IT, properties, e.g.)
- Self-manage career in security by leveraging available courses in-house and courses offered externally; prepare a career plan for short-term and longer-term performance management
Organizational Planning and Management
- Contribute to projects with the IT and property teams and for projects internal to DDS
- Assist with general administrative activities in collaboration with all team members
- Support vendors' activities and relationships
- Prepare project plans and associated documentation
- Prepare status reports and other management metrics as needed
EDUCATION and/or EXPERIENCE:
- Bachelor's degree or equivalent business experience in Computer Science, Database Administration, MIS or Electrical Engineering required
- CISSP, CISA, CISM, GSEC, or related certification(s) preferred
- 3-5 years work experience in computer support, programming or operations required
- 1-2 years hands-on work experience in Information Security
- Requires knowledge of operating systems, relational database architecture, client/server technology, wide and local area networks, communications protocols, real-time systems, mission-critical systems, industry standards and FCC regulations, and various types of computer terminal equipment
- Strong analytical skills, problem solving skills and project management skills
- Extensive training in engineering disciplines including systems programming, systems design, computer technology and software disciplines
- Operations management, project management, and system implementation management skills
Office at One Harrah's Court
FLSA: Exempt (Salary): Non-Exempt (Hourly):
Property Code: Requested Grade: 10
Multi-Property: Dual Rate:
Bonus Plan: MGMT Total Return Other
License(s) Type: Union Code:
This is not necessarily an exhaustive list of all responsibilities, skills, duties, requirements, efforts or working conditions associated with the job. While this is intended to be an accurate reflection of the current job, management reserves the right to revise the current job or to require that other or different tasks be performed when circumstances change, (e.g. emergencies, changes in personnel, workload, rush jobs or technical developments).
The above statements are intended to describe the general nature and level of work being performed by people assigned to this classification. They are not intended to be construed as an exhaustive list of all responsibilities, duties and skills required of personnel so classified.
Caesars Entertainment reserves the right to make changes to the job description whenever necessary.
As a part of Caesars Entertainment's employment process, finalist candidates will be required to complete a drug test and background check prior to an offer being extended. Caesars Entertainment Inc. is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, national origin, gender, age, religion, disability, sexual orientation, veteran status, or marital status.
Meet Some of Caesars Entertainment's Employees
Channel Marketing Analyst
Arielle creates easy-to-understand reports that encompass all of the company’s wants and needs so that they can be quickly incorporated into the organization’s roadmaps for implementation.
Back to top