Information Security Engineer I
Seneca Gaming Corp
Assists in the on-going development of Seneca Gaming Corporation (SGC)’s enterprise information security architecture, information security policy implementation and enforcement, and is responsible for ensuring the confidentiality, integrity and availability of the company’s information assets within a blended information security framework based on published guidance from CIS, NIST, PCI DSS, ISACA (CoBIT) and a pragmatic/risk-based approach. Contributes to the improvement of the security posture for all endpoints. Contributes to the maintenance, monitoring, and support associated with enterprise information security controls pertinent to endpoints and infrastructure. Contributes to the maintenance, monitoring, and support associated with enterprise information security toolsets. Consults with Information Security & Assurance (ISA) and Information Technology (IT) management/teams to verify that appropriate security controls are in place, identify gaps, and facilitate remediation. Assists with guidance, coordination, and support for SGC business units during applicable audits where/when applicable. Relies on pre-established policies and procedures to perform the functions of the job. All duties are to be performed within the guidelines of the Seneca Gaming Corporation’s policies and procedures, Internal Control Standards, and objectives.
- Must be 18 years of age or older upon employment.
- Bachelor’s Degree in an Information Technology related field.
- Minimum of three (3) years of work experience in a related Information Technology role is required.
- Experience in a dedicated information security role for minimum of one (1) year is preferred.
- Experience with IT audit processes (e.g. ITGC, PCI) preferred.
- Some technical certifications (CompTIA Network+/Security+, Microsoft, Cisco) preferred.
- An equivalent combination of education and/or experience may be substituted for the above requirements.
- Excellent understanding of networking principles including TCP/IP, WANs, LANs, and commonly used protocols/standards such as DHCP, DNS, SMTP, HTTP(S), FTP, Telnet, SNMP, LDAP, SSH, 802.11, 802.1x, Netflow, etc.
- Experience with IBMi (aka, AS/400, iSeries, System i) environment, commands, and utilities preferred.
- Experience with syslog management solutions.
- Experience with information security tools and utilities.
- Experience with Microsoft Windows environment, commands and utilities required.
- Experience with network security practices.
- Experience with email applications required, Microsoft Outlook experience preferred.
- Must be able to demonstrate proficiency in Microsoft Windows and Microsoft Office.
- Previous experience working in a casino is desired but not a requirement.
Language Skills and Reasoning Ability:
- Must possess excellent communication and analytical skills.
- Must be resourceful, utilizing all resources that are available to resolve issues.
- Must have the ability to resolve problems/conflicts in a diplomatic and tactful manner.
- Must be able to work with little direction and supervision.
- Must demonstrate good judgment.
- Must be a team player with strong interpersonal skills.
Physical Requirements and Work Environment:
The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job. The work environment characteristics described here are representative of those an employee encounters while performing the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions. The noise level in the work environment is usually moderately loud. When on the casino floor, the noise levels increase to loud. Must be able to work in an environment where smoking is permitted.
- Must be able to stand, walk, and move through all areas of the casino.
- Must be able to maintain physical stamina and proper mental attitude to work under pressure in a fast-paced casino environment and effectively deal with customers, management, employees, and members of the business community in all situations.