IT Sr Security Admin (Full Time)

JOB DESCRIPTION
Position Title: IT Senior Security Administrator
Department: CorporateIT
Employment Classification: Exempt
Position Summary/General Description:
I.T. Senior Security Administrator coordinates the Security Administrators at each site to ensure that I.T. security is being adequately ensured, and directly performs any and all of the I.T. Security Administrator duties at the corporate layer. Implements I.T. security measures to safeguard the confidentiality, integrity, and availability of the data and technology operations utilized by Laguna Development Corporation (LDC). Responsible for fulfilling regulatory and internal policies and procedures regarding data security and availability. Monitors, detects, and analyzes any I.T. security violations and responds in accordance with departmental and regulatory policy, and with any measures needed to ensure data security and availability. Coordinates with vendors, management, and regulatory agents to determine and implement appropriate access controls, adhering to segregation of duties and least privilege. Communicates and coordinates security upgrades, maintenance, and downtime to users. Prepares and maintains documentation of security configurations. Performs regular audits of security controls, policies and procedures, and configured settings in systems and network devices to ensure compliance with regulatory requirements. Serves as third level of escalation for any issues I.T. Technicians cannot resolve without further education or training. Regularly prepares and disseminates I.T. security training materials, and conducts I.T. staff training on relevant topics to ensure adherence to best practices.
Expectations:

• Adhere to Laguna Development Corporation (LDC) Core Values, Policies & Procedures.
• Act as a role model within and outside the casino.
• Maintain a positive and respectful attitude toward customers and co-workers.
• Consistently report to work on time prepared to perform duties of position.

Essential Duties & Responsibilities:

• Develop and assist in the implementation of security controls, systems, and processes to improve the effectiveness of technical services at all LDC locations
• Oversee the site-level Security Administrators for all LDC sites At all times maintain a courteous, positive and professional working relationship with all LDC personnel and the general public (e.g., clients and vendors).
• Work odd and unusual hours, including weekends and holidays.
• Other duties as assigned or as directed.

Ensure that the following Security Administrator functions are correctly performed at each site, and perform them for equipment within the scope of direct management by the corporate layer:

• Ensure the security of vital services and applications, using OS patching, Antivirus, Antispyware, ACL's, IPS, and Web filtering and other industry-approved means
• Perform security audits mandated by all applicable regulatory standards.
• Coordinate relevant department heads and managers to verify that least privilege permissions are configured for each role in I.T. systems during regular access rights audits.Act as the liaison between I.T. department and any external auditors and/or regulatory agencies
• Manage security for vital services and applications (OS patching, Antivirus, Antispyware, ACL's, IPS, and Web filtering.)
• Collaborates with I.T. Network Administrators to manage configuration and maintenance of Layer 3 devices, including routers and firewalls
• Coordinate with vendors, management, and I.T. administrative staff to identify and configure proper user access permissions for key systems, in accordance with least privilege and segregation of duties
• Ensure the proper configuration of user access permissions and of system security settings
• Manage all new I.T security projects
• Conduct I.T. security investigations and audits, reporting any findings to I.T. Director
• Resolve unfamiliar and unknown security alerts, breaches, intrusions, virus infection problems, and other related I.T. security violations using creative thinking and cooperative effort of the I.T. staff
• Supervise efforts of I.T. staff to resolve system or network security breaches

Problem Solving and Technical Skill Development

• Responsible to resolve unfamiliar or unknown system problems using creative thinking and cooperative effort of the I.T. staff
• Supervises efforts of System Administrators to resolve system-based problems or errors
• Cooperate and maintain communications with technical support companies
• Research new technology to improve quality of systems and the I.T. staff
• Continue with education and technical training to acquire certifications/degrees.

Documentation, Backups, Disaster Recovery, and Regulatory Responsibility

• Review existing Knowledge Base documents and update as needed
• Create Knowledge Base documents for learned technical solutions
• Create Knowledge Base documents for previously undocumented processes and procedures
• Responsible for documentation of security-related controls
• Responsible for updating security-related policies and procedures as necessary to meet the needs of LDC and fulfill any regulatory requirements
• Responds to Tribal Gaming Regulatory Authority (TGRA) and any other applicable regulatory entities regarding any reported regulatory infractions incurred in the fulfillment of processes and controls performed by I.T. Administrative staff
• Responsible for managing and updating backups for all necessary systems
• Required to test and document successful disaster recovery procedures
• Coordinate with I.T. administrators in the event disaster recovery procedure(s) are initiated to ensure successful restoration of data and services with minimal business impact

Continuing Education

• Keep up to date with I.T. security industry practices and current Security Technology
• Research new security technology practices to improve protection and access of systems and network resources
• Research security applications and devices
• Continue with education and technical training to acquire certifications relevant to the security of current and future technologies employed by LDC

Additional Responsibilities

• Create detailed tickets pertaining to system problems or projects using ticket tracking system
• Take on network related trouble tickets or escalated system problems
• Provide departmental training and support of I.T. staff members as needed

Documentation and Quality Improvement

• Review existing Knowledge Base documents and update as required
• Create Knowledge Base documents for learned technical solutions
• Create Knowledge Base documents for previously undocumented processes and procedures
• Review current processes and communicate recommended changes to supervisor

Required Skills

• Ability to analyze potential problems and select proper course of action
• Ability to install, configure and troubleshoot complex I.T. systems
• Must possess strong verbal, writing, and typing skills
• Ability to quickly grasp new concepts
• Ability to apply logic and reasoning to quickly determine effective approaches to challenging problems
• See specific technical requirements below

Education & Experience Requirements:

• Bachelors' Degree in Computer Science, Information Technology, or related field from an accredited college or university
• Three years' experience in an enterprise I.T. environment
• Three years' experience in an I.T. security-related position
• See additional technical experience and proficiency requirements below

Licensing & Certification Requirements:

• One IT security-related certification is required (e.g. CISSP, Security+)

Computer Equipment, Software, and Machinery Requirements:

• Experience in Microsoft security is required.
• Experience in Cisco security practices is required.
• Experience in network packet capturing and analysis is required.
• Experience in VMware or other virtual environments is required.
• Experience in in network penetration testing is a plus.
• Experience in Linux environment is a plus.
• Experience in Cisco IOS, TACACS, Fortinet, and Symantec Antivirus products is a plus.
• Experience with databases is a plus.
• Experience in PCI compliance is a plus.
• Experience in SAN systems is a plus.
• Experience in point of sale systems is a plus.
• Experience in accounting/human resource software applications is a plus.
• Experience in security and surveillance systems is a plus.
• Experience in casino gaming systems is a plus.

Essential Physical Requirements:

• The job requires the ability to hear, sit, stand, talk, walk, see, and repetitively use hands 51-100% of the time.
• The job requires the ability to bend over, crouch/stoop, drive, kneel, reach overheard and turn/twist 25-50% of the time.
• The job requires the ability to balance/climb and crawl 0-24% of the time.
• The job requires the ability to carry and lift 1-25 lbs. 51-100% of the time.
• The job requires the ability to push/pull, carry, lift, slide and transfer 1-50+lbs. 25-50% of the time.

Essential Mental Demands:

• The position requires problem solving, organizing, planning, decision making, interpreting data, math skills, reading and writing 51-100% of the time.

Supervisory Responsibilities:

• Training, directing, appraising productivity, and measuring performance.

Work Environment (inside/outside):

• The duties are performed primarily indoor with occasional exposure to hot and cold temperatures, loud noises and confined spaces.

Other Requirements:

• Applicant will be required to pass a pre-employment alcohol/drug screening.
• Obtain and maintain a gaming license through the Pueblo of Laguna's Gaming Control Board and must provide/maintain a valid New Mexico drivers' license.