Cyber Security Analyst

Mohegan reserves the right to make changes to the above job description whenever necessary. Position Summary The Cybersecurity Analyst supports Mohegan’s enterprise cybersecurity operations by executing and maintaining day‑to‑day security controls, monitoring security events, supporting incident response, and ensuring operational and audit readiness across all properties. This role works closely with Corporate Governance, IT teams, external security partners, and the broader cybersecurity team to ensure security alerts, incidents, and controls are consistently managed, documented, and reported. The Cybersecurity Analyst plays a key role in audit support, evidence collection, control narrative maintenance, and the production of operational metrics and reporting used to inform leadership and support regulatory and compliance requirements. Primary Duties and Responsibilities Cybersecurity Operations & Monitoring Monitor and manage security alerts and incidents generated by ReliaQuest GreyMatter or similar vendor-partners, ensuring alerts are triaged, investigated, and resolved in accordance with defined SLAs and KPIs. Coordinate with internal IT teams, MSSPs, and security vendors to ensure timely and effective incident handling. Track and report on operational performance metrics related to security alert handling, incident response, and platform health. Support day‑to‑day operation of cybersecurity platforms (including SentinelOne, ReliaQuest, Delinea, Varonis, Tenable, etc.), ensuring controls are functioning as intended. Endpoint Detection & Response (EDR) Administer and support SentinelOne EDR, including monitoring agent health and coverage, investigating endpoint security alerts, coordinating remediation and containment actions, and maintaining operational documentation. Support periodic health reviews and reporting on endpoint protection coverage and effectiveness. Incident Response & Preparedness Maintain and update the Cybersecurity Incident Response Plan, including playbooks, escalation paths, and contact information. Participate in security incidents and investigations, supporting evidence collection, documentation, and post‑incident analysis. Support tabletop exercises, lessons learned, and continuous improvement of incident response processes. Governance, Risk, and Audit Support Work directly with Corporate Governance, Audit, and Compliance teams to support internal and external audits. Collect, validate, and organize audit evidence for cybersecurity‑related controls. Maintain and update control narratives and supporting documentation for cybersecurity controls in scope for audits (e.g., SOX, regulatory, or other governance frameworks). Assist in tracking remediation actions related to audit findings or risk assessments. Reporting & Metrics Maintain operational reporting inputs for the monthly Cybersecurity Operations Report, including metrics related to security alerts and incidents, endpoint protection coverage, incident response performance, and operational trends. Develop and enhance metrics, dashboards, and reporting to improve visibility into cybersecurity operations and risk posture. Collaborate with the Cybersecurity Manager to identify opportunities to improve reporting clarity and executive‑level communication. Collaboration & Continuous Improvement Partner with cybersecurity engineers, IT operations, application owners, and vendors to ensure cybersecurity controls are operationally effective. Contribute to the development and refinement of standard operating procedures (SOPs), runbooks, and documentation. Identify opportunities to improve operational efficiency, consistency, and control effectiveness. Stay current on relevant cybersecurity threats, trends, and operational best practices. Secondary Duties and Responsibilities Promote superior customer service. Provide enterprise‑wide support as needed. Maintain and enforce confidentiality and privacy rules pursuant to all applicable regulations. Participate in and comply with Mohegan’s Change Management process and methodology. Enforce HIPAA privacy rules as applicable to Mohegan. Provide on‑call 24/7/365 support for escalated alerts and cybersecurity operational issues. Minimum Education and Qualifications Bachelor’s degree in computer science, engineering, business, or a related field, and five years of progressive Information Technology experience. Two years of experience as a Cybersecurity Specialist supporting an enterprise cybersecurity infrastructure for a corporation of at least 2,000 employees. Two years of experience in developing IAM solutions in cloud service providers (e.g., Microsoft Azure & Amazon Web Services). CISSP or equivalent certification(s) or experience. Experience with cybersecurity frameworks (CIS, ISO 27001/27002, NIST, CSF, etc.). Experience with SIEM systems, threat intelligence, and behavioral‑based systems for monitoring security issues. Good understanding of technology infrastructures such as routing/switching, firewalls, VPN, data loss prevention, intrusion detection/prevention, web‑proxy, behavior analytics, EDR, cloud security, and security audits/assessments. Excellent problem‑solving skills, organization, flexibility, and self‑motivation. Analytical mindset, meticulous attention to detail, ability to work under pressure and meet tight deadlines. Stay current on cybersecurity trends and news to develop company‑wide best practices. Experience securing cloud systems (IaaS/PaaS/SaaS). Experience with assessments, audits, and regulatory compliance. Ability to obtain and maintain gaming licensure in one or more jurisdictions. Ability to work in a team environment, as well as independently. Excellent written and verbal communication skills. In lieu of a bachelor’s degree, an associate degree in computer science, engineering, business, or a related field and eight years of progressive Information Technology experience may be considered. Competencies Expert knowledge of all currently deployed Mohegan cybersecurity products. Intermediate knowledge of Microsoft Office Suite, including Visio and other design and documentation tools. Knowledge of COBIT and ITIL. Excel at process improvement and root cause analysis. Training Requirements Knowledge of Mohegan corporate and department policies and procedures. Knowledge of appropriate regulations that pertain to Mohegan information systems. Review and analysis of department timesheet information. Mohegan technical architecture and standards. Physical Demands and Work Environment Office and work-from-home environment. Must be able to sit in front of a computer screen for extended periods. Requires occasional off‑shift work, including holidays, late night and early morning hours. 25% domestic and international travel may be required. Must be able to work various shifts and flexible hours. Work Shift Regular EEO Statement Mohegan Sun practices Native American Preference in hiring. "Native American" means an individual who is a duly enrolled member of the Mohegan Tribe or any group of Native Americans recognized by the Mohegan Tribe, the United States of America, or the State of Connecticut. #J-18808-Ljbffr