Cyber Security Analyst

**JOIN OUR TEAM AND EXPERIENCE ENDLESS CAREER POSSIBILITIES****IF YOU ARE AN EXISTING TEAM MEMBER,** **PLEASE CLICK THE FOLLOWING LINK TO BE TAKEN TO THE INTERNAL CAREER SITE:****Position Summary:**The Cybersecurity Analyst supports Mohegan’s enterprise cybersecurity operations by executing and maintaining day‐to‐day security controls, monitoring security events, supporting incident response, and ensuring operational and audit readiness across all properties.This role works closely with Corporate Governance, IT teams, external security partners, and the broader cybersecurity team to ensure security alerts, incidents, and controls are consistently managed, documented, and reported. The Cybersecurity Analyst plays a key role in audit support, evidence collection, control narrative maintenance, and the production of operational metrics and reporting used to inform leadership and support regulatory and compliance requirements.This position focuses on the execution, coordination, and continuous improvement of cybersecurity operations, and collaborates with cybersecurity engineers and management to provide operational input and feedback that informs solution engineering and architecture decisions.**Primary Duties and Responsibilities****:** include but are not limited to:**Cybersecurity Operations & Monitoring*** Monitor and manage security alerts and incidents generated by for example, without limitation, ReliaQuest GreyMatter **(**or similar vendor-partners engaged at management’s discretion from time-to-time,) ensuring alerts are triaged, investigated, and resolved in accordance with defined SLAs and KPIs.* Coordinate with internal IT teams, MSSPs, and security vendors to ensure timely and effective incident handling.* Track and report on operational performance metrics related to security alert handling, incident response, and platform health.* Support day‐to‐day operation of cybersecurity platforms (including for example, without limitation, SentinelOne, ReliaQuest, Delinea, Varonis, Tenable, etc.), ensuring controls are functioning as intended.**Endpoint Detection & Response (EDR)*** Administer and support for example, without limitation, SentinelOne EDR, including:* Monitoring agent health and coverage* Investigating endpoint security alerts* Coordinating remediation and containment actions* Maintain operational documentation and procedures related to EDR usage.* Support periodic health reviews and reporting on endpoint protection coverage and effectiveness.**Incident Response & Preparedness*** Maintain and update the **Cybersecurity Incident Response Plan**, including playbooks, escalation paths, and contact information.* Participate in security incidents and investigations, supporting evidence collection, documentation, and post‐incident analysis.* Support tabletop exercises, lessons learned, and continuous improvement of incident response processes.**Governance, Risk, and Audit Support*** Work directly with **Corporate Governance, Audit, and Compliance teams** to support internal and external audits.* Collect, validate, and organize audit evidence for cybersecurity‐related controls.* Maintain and update control narratives and supporting documentation for cybersecurity controls that are in scope for audits (e.g., SOX, regulatory, or other governance frameworks).* Assist in tracking remediation actions related to audit findings or risk assessments.**Reporting & Metrics*** Maintain operational reporting inputs for the monthly Cybersecurity Operations Report, including metrics related to:* Security alerts and incidents* Endpoint protection coverage* Incident response performance* Operational trends and improvements* Develop and enhance metrics, dashboards, and reporting to improve visibility into cybersecurity operations and risk posture.* Collaborate with the Cybersecurity Manager to identify opportunities to improve reporting clarity and executive‐level communication.**Collaboration & Continuous Improvement*** Partner with cybersecurity engineers, IT operations, application owners, and vendors to ensure cybersecurity controls are operationally effective.* Contribute to the development and refinement of standard operating procedures (SOPs), runbooks, and documentation.* Identify opportunities to improve operational efficiency, consistency, and control effectiveness.* Stay current on relevant cybersecurity threats, trends, and operational best practices.**Secondary Duties and Responsibilities:*** Promotes superior customer service.* Provides enterprise-wide support as needed.* Responsible for maintaining and enforcing confidentiality and privacy rules pursuant to all applicable regulations.* Participates in and complies with Mohegan ’s Change Management process and methodology.* Responsible for enforcing the privacy rules pursuant to the Health Insurance Portability and Accountability Act of 1996 (HIPAA) as applicable to Mohegan.* Provides on-call 24/7/365 support for escalated alerts and Cyber operational issues**Minimum Education and Qualifications:*** Bachelor’s degree in computer science, Engineering, Business, or a related field, and five years of progressive Information Technology experience* Two years of experience as a Cybersecurity Specialist providing support to an enterprise Cybersecurity infrastructure for a corporation of at least 2,000 employees* Two years of experience in developing IAM solutions in cloud service providers (for example, without limitation, Microsoft Azure & Amazon Web Services)* CISSP or equivalent certification(s) or experience* Experience with various Cybersecurity frameworks (CIS, , ISO 27001/27002**,** NIST, CSF etc.)* Experience with SIEM systems, threat intelligence, and behavioral-based systems for monitoring security issues* Possess a good understanding of technology infrastructures, such as Routing/Switching, Firewalls, VPN, Data Loss Prevention, Intrusion Detection/Prevention, Web-Proxy, Behavior Analytics, End Point Detection/Response (EDR), Cloud Security, and security audits/assessments* Demonstrate excellent problem-solving skills, is well organized, flexible, and self-motivated.* Possess an analytical mindset and a detailed understanding of cyber security methodologies. Possess meticulous attention to detail and work comfortably under pressure and deliver on tight deadlines.* Stay current on cyber security trends and news to help continually develop company-wide best practices for cyber security.* Experience securing cloud systems (IaaS/PaaS/SaaS).* Experience with assessments, audits, and regulatory compliance* Ability to obtain and maintain gaming licensure in one or more jurisdictions.* Ability to work in a team environment, as well as independently.* Excellent written and verbal communication skills* In lieu of bachelor’s degree an associate degree in computer science, Engineering, Business or a related field, and eight years of progressive Information Technology experience may be considered in addition to the qualifications above**Competencies:** Incumbent will master the following competencies while in this position:* Expert knowledge of all currently deployed Mohegan Cybersecurity products* Intermediate knowledge of Microsoft Office Suite of products specifically including Visio and other design and documentation tools* Knowledge of the Control Objectives for Information and related Technology (COBIT) and the Information Technology Infrastructure Library (ITIL)* Excel at process improvement and root cause analysis**Training Requirements:*** Knowledge of Mohegan corporate and department policies and procedures* Appropriate regulations that pertain to Mohegan information systems* Review and analysis of department timesheet information* Mohegan technical architecture and standards**Physical Demands and Work Environment:*** Office and work from home environment* You must be able to sit in front of #J-18808-Ljbffr Mohegan PA