Senior Cybersecurity Analyst

Company Description

Join Wynn Resorts’ Information Security Operations Center (SOC) and help protect one of the world’s premier hospitality and gaming organizations. As part of our “WE Life” culture, you’ll lead a strategic group of analysts with hands‑on experience across the full incident lifecycle—detection, triage, response, and remediation—in a fast‑paced, high‑stakes environment.

The Senior Cybersecurity Analyst is a key member of Wynn Resorts’ Information Security Operations team, responsible for advanced threat analysis, incident response, proactive threat hunting, and continuous improvement of security controls across Wynn’s global enterprise. This role provides expert technical leadership during security events, drives strategic enhancements to detection and response capabilities, and ensures the protection of sensitive systems and data.

The analyst will collaborate with cross‑functional teams and contribute to the development of a resilient, compliant, and security‑aware organization.

• Perform Level-3 triage and deep-dive investigations for advanced alerts across SIEM, EDR/XDR, email security, cloud security, network telemetry, IAM platforms, and application logs.
• Lead incident intake, impact analysis, triage logic development, and event correlation across multiple data sources.
• Validate, tune, and improve detection rules, thresholds, and correlation logic to minimize false positives and maximize visibility.
• Identify root causes, attack paths, indicators of compromise (IOCs), and technique-level behaviors aligned to the MITRE ATT&CK framework.

• Lead security incidents from detection through containment, eradication, and recovery.
• Coordinate with IT, Network, Cloud, Database, Legal, Compliance, and leadership teams to drive timely remediation.
• Produce executive-level incident summaries, detailed technical analysis reports, and lessons‑learned documentation.
• Participate in on‑call escalation rotation for high‑severity events.

• Conduct proactive threat-hunting exercises across endpoints, identities, network flows, and cloud activity logs.
• Develop hypotheses, test scenarios, evaluate anomalous behavior, and uncover unknown or sophisticated threats.
• Advance behavioral detection by identifying emerging attacker techniques relevant to Wynn’s environment.

• Partner with engineering teams to enhance SIEM/EDR configurations, detection content, dashboards, and automated response playbooks.
• Design and implement enterprise-wide security controls and frameworks.
• Support secure development practices and architecture reviews.
• Validate the effectiveness of existing controls, including EDR configuration, firewall rules, IAM policies, and DLP systems.

• Conduct risk assessments, vulnerability management, and penetration testing.
• Ensure compliance with relevant frameworks (NIST, ISO 27001, PCI DSS, HIPAA) and regulatory requirements.
• Develop and maintain SOC runbooks, IR playbooks, and security procedures.
• Create metrics, KPIs, and after-action reports for continuous improvement.

• Lead or support security awareness and training programs for staff.
• Mentor junior SOC analysts and assist with onboarding, cross‑training, and knowledge sharing.

• Develop and maintain scripts and automation for security operations (Python, Power Shell, etc.).
• Support the integration of security tools and automation workflows.

• Support security projects, tool deployments, audits, and assessments.

• Bachelor’s degree in information security, Computer Science, or equivalent work experience.
• 5–10 years of hands‑on experience in SOC operations, incident response, threat analysis, digital forensics, or similar security functions.
• Deep understanding of SIEM platforms, EDR/XDR tools, identity systems, email security, network and firewall logging, and cloud security concepts.
• Strong familiarity with MITRE ATT&CK, cyber kill chain, and threat-actor TTPs.
• Experience…