Information Security Operations Manager

Boyd Gaming Corporation   •  

Las Vegas, NV

Industry: Hospitality & Recreation


Less than 5 years

Posted 87 days ago

This job is no longer available.

Education Required: Bachelors Degree
Experience Required: 3 - 5 Years

Position Description:
The IT Security Operations Manager is responsible for managing a team that manages the Boyd Gaming Security Operations program and Security Operations Center, both tactically and operationally. Also responsible for ensuring that security controls, tools and team members are operating effectively and optimally.

The Manager will have strategic visibility into, and direct responsibility for, the effective, expeditious and efficient operations of all aspects of the SOC, including:

  • Technology: Incident, offense, alert and vulnerability management, maintenance, optimization and continual improvement.
  • People: Communications, education, mentoring, training and direct supervision of staff.
  • Process: Process creation, refinement and implementation, cross-team/discipline collaboration, maintenance of external and internal stakeholder relationships.

This is people leader role who will manage and oversee the optimal usage of IS tools/systems by the team and is not hands-on with the technology. The manager will focus on maintaining strategic situational awareness and knowledge transfer to enable the continual growth and improvement of the entire team

• Represent Boyd Style and core values.
• Management of the Security Operations Center - Lead a team of internal technical security team members and third-party vendors.
• Verify vendor service level agreements with respect to security incident response are met.
• Work closely with overall IT security, risk and compliance teams to maintain security requirements for operations of security tools.
• Oversee all comprehensive monitoring of IT Security tools, reviewing system and application logs, intrusion detection alerts for indication unauthorized activity, insider threat, or criminal behavior.
• Participate in all Security Incident Response activities and integrate with broader company incident response as needed.
• Actively participate in all third-party assessments, tabletops and assessments.
• Ensure complete documentation of security monitoring and incident response activities, utilizing case management and ticketing technologies.
• Assist in the design and implementation of an IT Security Risk framework.
• Assist the Security leadership to build, develop and manage a defense capability encompassing Intelligence, threat detection and response that provides timely and credible intelligence of known and anticipated threats to the Boyd Gaming Corporation infrastructure, information, staff or guests.
• Develop and maintain policies, procedures, standards, and guidelines.
• Monitor and provide metrics of the overall effectiveness of the Security Operation program.
• Oversee and enhance internal and external vulnerability management program.
• Oversee vulnerability identification including system level reviews, vulnerability scans, and penetration tests on infrastructure and applications. Advise and lead security efforts with cross-functional teams to drive the closure of identified vulnerabilities.
• Represent information security at change control meetings.
• Update and maintain computer forensics and incident response procedures.
• Perform annual testing of enterprise incident response plan.
• Mentor and train junior security staff.
• Participate in the implementation and maintenance of HR policies/procedures. Hire, motivate and develop team members, define priorities and objectives, follow up progress of skills and achievements to have qualified, competent and motivated employees.
• Initiate, facilitate, and promote activities to create information security awareness within the organization. Provide regular security awareness training material for inclusion in annual compliance training program.
• Monitor compliance with information security policies and procedures.
• Bridge gaps between control requirements, technical issues and business risks
• Manage security projects including resourcing, budgeting, and providing project updates to senior IT and business teams.
• Determine SOC operational strategies by conduction of needs and root cause assessments, performance reviews, capacity planning and cost benefit/analysis.
• Identify and evaluate state-of-the-art technologies.
• Complete system audits and analysis.
• Oversee and direct system, process improvement, and quality assurance programs; install upgrades as needed.
• Oversee and assign training activities in order to achieve the highest levels of team operational readiness.
• Process and maintain a wide variety of files, logs, reports and forms
• Monitor and adhere tointernal controls, including legal, corporate and regulatory procedures to ensure the safety andsecurityof Corporate assets, personnel and guest data.

Position Requirements:
• Bachelor’s degree in Security / IT / Engineering and/or additional experience may be substituted for degree.
• Specialized training in intrusion analysis systems, penetration testing, vendor management, and customer relations.
• CISSP, CISM, CCNA, and/or Windows certifications preferred but not required.

• Minimum three to five (3-5) years of experience in a SOC as a manager or senior analyst, or similar experience. • Knowledge of security operations/procedures and analytical products.
• Minimum two (2) years in supervising staff or leading security teams.
• Supervisory experience including training, development, corrective action and scheduling.
• Experience managing of outsourced managed security service providers.
• Experience with anti-malware, vulnerability and penetration testing, patching, file integrity monitoring.
• Effective communicator, both written and oral.
• Able to work in a fast paced, high volume and highly regulated environment with rapidly changing priorities and responsibilities.
• Must be willing to work various shifts to include evenings, weekends, and holidays.
• Advanced knowledge of MS Windows, both servers and workstations.
• Knowledgeable of incident resolution and handling.
• Knowledgeable of common vulnerabilities, and ability to keep up on the latest exploits.
• Knowledgeable of incident analysis and investigation.
• Knowledgeable of vulnerability scanners, and penetration testing tools, and how to coordinate outside vendors to perform them regularly.
• Familiarity with various network analysis tools.
• Advanced understanding of network transports, and routers, switches, firewalls, and wireless access points, along with windows hosts, Linux, and Mac, and advise on how to best secure each.
• Able to solve complex problems.
• Strong business and results orientation.
• Able to lead and interact effectively at all levels, across diverse cultures.
• Serve as an effective team leader.
• Ability to implement changes to operations and external/internal environments.
• Collaborative and open to a partnership approach to achieve security goals.
• Ability to align security function to business strategy, goals and objectives.
• Ability to work with the business to enable cost effective, risk-based decisions.

We are an Equal Opportunity Employer and do not discriminate against any employee or applicant for employment because of race, color, sex, age, national origin, religion, sexual orientation, gender identity, status as a veteran, and basis of disability or any other federal, state or local protected class.

  • Job ID: 5433