Lead IT Security Incident Response Analyst
The Lead IT Security Incident Response Analyst position is a critical part of the IT Security Incident Response team. This position will participate in various IR responsibilities including malware analysis, memory and disk analysis, log analysis, correlation review and creation, incident ticket reviews.. This position will also serve as part of an on-call escalation for critical events that assistance is required and provide process/policy improvements for the 24x7 Security Operation Center. All duties are to be performed in accordance with departmental and MGM Resorts policies, practices and procedures.
- Provide feedback to Security Operation Center ranging from creation of process improvement to fine tuning correlations to increase efficiency based on daily incident analysis.
- Create correlation rules, IDS / IPS signatures and other detection methods to detect and prevent latest attack trends.
- Provide root cause analysis on events detected and contained by the Security Operation Center or other parts of MGM Resorts International, which includes malware analysis, log analysis, memory and disk analysis, and network analysis.
- Provide meaningful information security metrics, which include identifying historical trends, areas of risks/gaps, violations and/or improvements.
- Participate in advanced threat hunting activities to detect new and potentially unknown events in the MGM environment.
- Perform various appliance policy reviews and suggest tuning opportunities to Security Engineering and Security Operation Team to increase detection and or prevention of attacks on the various tools.
- Work closely with Security Engineering and Security Architects to provide real world risks to projects and other initiatives based on data being seen.
- Provide communication, direction and expertise during a security incident to the various IT teams to ensure the proper execution of the Security Incident Response Plan.
- Perform other job related duties as requested.
- Bachelor’s degree in Management Information Systems, Network Security, Computer Science or related discipline, or equivalent work experience required.
- At least 5 years of experience with security system or relevant experience.
- Excellent customer service skills.
- Have interpersonal skills to deal effectively with all business contacts.
- Professional appearance and demeanor.
- Work varied shifts, including weekends and holidays.
- High school diploma or equivalent.
- Able to effectively communicate in English, in both written and oral forms.
- At least 1 year of experience in security incident response / digital forensics.
- Previous experience working in a similar resort setting.