IT Security Engineer

IT Security Engineer

Join the Golden Entertainment corporate IT Security Team as a Security Engineer, where you'll help safeguard our gaming and hospitality operations against evolving cyber threats. In a landscape shaped by trends like zero-trust architectures, AI-driven attacks, and cloud security demands, you'll design, deploy, and maintain robust defensessuch as precise access controls, backup safeguards, identity provider oversight, and seamless single sign-on expansionsfor our infrastructure, systems, and data. This role blends hands-on incident response with policy development to ensure compliance and resilience, all while supporting a fast-paced environment that values innovation, outstanding service, and opportunities to hone skills on a top-tier security stack through ongoing engagement and development.

Essential Duties & Responsibilities :

• Configure, deploy, and troubleshoot security tools and systems, incorporating zero-trust principles and AI-enhanced monitoring.
• Manage access lists, compensating controls, while expanding identity and SSO implementations to enhance secure access and identity protection.
• Detect, investigate, resolve incidents, including ransomware and advanced persistent threats.
• Define security requirements for operating systems, applications, and cloud environments.
• Develop and maintain security policies, procedures, and standards to align with emerging trends like remote access hardening.
• Stay current on vulnerabilities, infiltration tactics, forensics, and threats through ongoing research.
• Conduct vulnerability assessments to pinpoint weaknesses, evaluate control effectiveness, and coordinate patching of identified vulnerabilities.
• Advise on acceptable risk levels to guide security decisions and implementations.
• Conduct proactive threat hunting using our security stack (e.g., SIEM, EDR, NDR) and typical cybersecurity tools across the industry.
• Gather and share advanced CTI (Cyber Threat Intelligence) and OSINT (Open-Source Intelligence) to bolster team defenses.
• Support audits by providing documentation, responses, and remediation plans.
• Evaluate third-party risks (vendors, contractors) through documentation reviews and assessments.
• Contribute to security training and user awareness programs, including teaching cyber hygiene and privacy habits to mitigate everyday risks.
• Collaborate with command center, network, systems, and applications teams on security issues, plus analysts and engineers from our third-party MDR (Managed Detection and Response) team.
• Ensure compliance with gaming laws, internal controls, Title 31, federal regulations, and standards like SOX, PCI, and the NIST Cybersecurity Framework's.
• Deliver exceptional service to guests and team members, meeting company culture standards.
• Serve in an established `On-Call` rotation and perform other duties as assigned.

Requirements :

Physical Requirements : Lift, pull, push, carry, bend / kneel, stand / walk (about 50% of time); sit at desk (up to 50%). Ability to handle up to 50 lbs. Maintain high concentration for extended periods. Normal vision, speech, hearing, and literacy. Work Environment : Potential conditions indoor. Cold. Noisy. Smoky.