It Security Engineer

IT Security Engineer

Golden Entertainment Corporate (Las Vegas, NV)

Join the Golden Entertainment corporate IT Security Team as a Security Engineer, where you'll help safeguard our gaming and hospitality operations against evolving cyber threats. In a landscape shaped by trends like zero‑trust architectures, AI‑driven attacks, and cloud security demands, you'll design, deploy, and maintain robust defenses—such as precise access controls, backup safeguards, identity provider oversight, and seamless single sign‑on expansions—for our infrastructure, systems, and data.

This role blends hands‑on incident response with policy development to ensure compliance and resilience, all while supporting a fast‑paced environment that values innovation, outstanding service, and opportunities to hone skills on a top‑tier security stack through ongoing engagement and development.

• Configure, deploy, and troubleshoot security tools and systems, incorporating zero‑trust principles and AI‑enhanced monitoring.
• Manage access lists and compensating controls while expanding identity and SSO implementations to enhance secure access and identity protection.
• Detect, investigate, and resolve incidents, including ransomware and advanced persistent threats.
• Define security requirements for operating systems, applications, and cloud environments.
• Develop and maintain security policies, procedures, and standards to align with emerging trends such as remote access hardening.
• Stay current on vulnerabilities, infiltration tactics, forensics, and threats through ongoing research.
• Conduct vulnerability assessments to pinpoint weaknesses, evaluate control effectiveness, and coordinate patching of identified vulnerabilities.
• Advise on acceptable risk levels to guide security decisions and implementations.
• Conduct proactive threat hunting using our security stack (e.g., SIEM, EDR, NDR) and typical cybersecurity tools across the industry.
• Gather and share advanced CTI (Cyber Threat Intelligence) and OSINT (Open‑Source Intelligence) to bolster Team defenses.
• Support audits by providing documentation, responses, and remediation plans.
• Evaluate third‑party risks (vendors, contractors) through documentation reviews and assessments.
• Contribute to security training and user awareness programs, including teaching cyber hygiene and privacy habits to mitigate everyday risks.
• Collaborate with command center, network, systems, and applications Teams on security issues, plus analysts and engineers from our third‑party MDR (Managed Detection and Response) Team.
• Ensure compliance with gaming laws, internal controls, Title 31, federal regulations, and standards such as SOX, PCI, and the NIST Cybersecurity Framework.
• Deliver exceptional service to guests and Team members, meeting company culture standards.
• Serve in an established on‑call rotation and perform other duties as assigned.

• Security+, CEH, or equivalent certification preferred.
• 2‑3 years of IT security experience.
• 2+ years in at least two areas: IT security administration, server administration, or network administration.
• Hands‑on experience with security systems like ACLs, next‑gen firewalls, NDR/EDR, SSO, MDM, SIEM/SOAR, content filtering, remote access, and secure DNS.
• Knowledge of endpoint hardening, app vetting, cloud monitoring, Microsoft Active Directory management/hardening, and REST API configuration.
• Familiarity with NIST Cybersecurity Framework (1.1 and 2.0) and trends like zero‑trust implementation.
• Preferred experience with testing tools such as Kali, Metasploit, Burp, Wireshark, Nmap, Netcat, and vulnerability scanners.
• Preferred:
  Adept at scripting with Power Shell, automation, and command‑line tools in Windows and Linux environments.
• Working knowledge of regulations including Nevada Gaming Control Board, SOX, HIPAA, and PCI‑DSS.
• BS in computer science, information sciences, or equivalent education/experience.
• Strong problem‑solving skills for high‑pressure, evolving environments.
• Reliable transportation; some travel required.
• Willing to work any shift, including weekends and holidays.
• Effective English communication (written and verbal).
• At…