Company: Shakopee Mdewakanton Sioux Community Gaming Enterp
Posted on: November 22, 2021
Implements and maintains enterprise Information Security
architectures and solutions. Serves as a security consultant in
application development, database design, network, internet, and/or
platform (operating system) efforts. Assists project teams to
comply with enterprise and IT security policies, industry
regulations, and best practices. Researches, designs and advocates
new technologies, architectures, and security products that will
support security requirements for the enterprises.
Contributes to the development of information security strategy and
architecture. Evaluates secure solutions based on approved security
architectures. Analyzes business impact and exposure based on
emerging security threats, vulnerabilities, and risks. Works with
IT leadership, other functional area architects, and IT Systems
Security to ensure adequate security solutions are in place
throughout all IT systems and platforms to mitigate identified
risks sufficiently, and to meet business objectives and
requirements. Tests new security solutions in test environment to
ensure the solution is acceptable to the existing or emerging
security architecture of the organization.
Job Duties: Work with Information Technology Leadership and
Security Workgroups to support and maintain a security program
including security projects that address identified risks and
business security requirements.
Implement governance activities associated with ensuring
compliance. Assist IT staff in developing procedures and guidelines
that meet the associated governance standards.
Lead and implement the integration of security strategy and
architecture with business and IT strategy.
Provide technical and managerial expertise for the administration
of security management tools.
Work with Internal Audit, Compliance or 3rd party audit personnel
to ensure compliance with regulations from Gaming Commission,
Payment Card Industry and HIPAA including all other applicable
Provide analysis of the current and new security technology to
determine the potential impact on the business and recommend
solutions for improvement.
Deliver metrics to measure and demonstrate value of security
practices. Consult with IT and security staff to ensure that
security is factored into the evaluation, selection, installation
and configuration of hardware, applications and software.
Coordinate the implementation of technical controls to support and
enforce defined security policies.
Coordinate, implement, measure and report on the technical aspects
of security management.
Assess and report on threats, vulnerabilities and residual risk;
and recommend remedial action.
Maintain a knowledge base comprising a technical reference library,
security advisories and alerts, information on security trends and
practices, and laws and regulations.
Develop technical information materials on security trends,
threats, best practices and control mechanisms for IT, as
Monitor and report on compliance with security policies, as well as
the enforcement of policies within the IT department.
Assist the disaster recovery planning team in the selection of
recovery strategies and the development, testing and maintenance of
disaster recovery plans.
Reflects MINIMUM EDUCATION, TRAINING, CERTIFICATION and EXPERIENCE
required in order to meet the expectations of this job: 5+ years of
IT experience with 3+ years of Information Security experience.
Bachelor's degree required (Cybersecurity or an equivalent
CISSP or CCSP certification preferred.
Demonstrate a strong understanding of tools, technologies, security
strategies and their implications on the broader business
Experience with information risk concepts and principles as a means
of relating business needs to security controls.
Have a strong understanding of Information Security concepts,
protocols, industry best practices and strategies.
Have experience with common Information Security Management
frameworks, such as International Standards Organization (ISO)
17799/27001, the IT Infrastructure Library (ITIL) and the National
Institute of Standards and Technology (NIST) frameworks.
Have experience in performing risk, business impact, control and
vulnerability assessments, and defining mitigation strategies.
Have excellent technical knowledge of mainstream operating systems
(for example, Microsoft Windows and Unix/Linux) and a wide range of
security technologies, such as network security appliances,
identity and access management systems, anti-malware (malicious
software) solutions, automated policy compliance and desktop
Keywords: Shakopee Mdewakanton Sioux Community Gaming Enterp, Lakeville , Cybersecurity Engineer, Other , Lakeville, Minnesota
Didn't find what you're looking for? Search again!