Apply on Employer Site

Table Mountain Casino Resort · 2 months ago

Manager of Information Technology Security - (On-Site, No Contract)

Friant, CA

Contract

Onsite

Senior Level

7+ years exp

Table Mountain Casino Resort is seeking a Manager of Information Technology Security to oversee its information security operations. The role involves creating and enforcing security policies, monitoring systems for threats, and leading incident response efforts to protect the Casino's information systems and data.

CasinoEventsGamblingGaming

Responsibilities

Oversee the management of the organization's IT security infrastructure, including firewalls, intrusion detection/prevention systems, and other security tools, and ensure the Casino maintains a robust and reliable security posture

Manage, guide, mentor, and develop a team of IT security professionals (3-5 staff members) by providing leadership, training, and technical guidance on cybersecurity issues and project execution

Oversee continuous monitoring of systems, networks, and applications for potential security threats, ensuring timely identification of vulnerabilities or breaches and coordinating swift resolutions to minimize impact

Implement and maintain processes for cybersecurity incident response, including clear escalation procedures, root cause analysis, and post-incident reviews to strengthen future response efforts

Develop, implement, and enforce IT security policies and procedures to protect sensitive data and systems, and ensure these policies remain up-to-date and effective against emerging threats

Ensure IT security operations adhere to all relevant gaming industry regulations and information security compliance standards to maintain the integrity of casino operations

Conduct regular risk assessments and vulnerability scans and oversee the remediation of identified security weaknesses to reduce the organization’s risk exposure

Assist with developing and managing the IT security budget, optimizing resource allocation, and identifying cost-effective security solutions and technologies

Manage relationships with external security vendors and service providers, including negotiating contracts and overseeing service delivery to ensure quality and compliance with service agreements

Identify areas for improvement in the organization's security posture, implementing new technologies and processes to enhance protection and increase operational efficiency

Provide day-to-day operational guidance on security matters that support the short-term and long-term technology plans of the Casino

Plan, coordinate, and direct security-related activities of the IT organization to safeguard the confidentiality, integrity, and availability of information assets

Collaborate with other business leaders and departments to ensure security requirements are understood and integrated into their operational processes and projects

Work closely with the Director of IT to identify, recommend, develop, and implement effective security solutions for all aspects of the organization

Benchmark, analyze, and report on the Casino’s security infrastructure and practices, and make recommendations for improving and growing the IT security program

Manage IT security staffing, including recruitment, supervision, scheduling, career development, performance evaluations, and disciplinary actions

Oversee the documentation of security incidents, vulnerabilities, remediation actions, and other security activities to maintain detailed records and support compliance requirements

Keeps abreast of industry cybersecurity trends and new technologies; ensures compliance with applicable laws and policies

Contributes to a team effort and accomplishes related results as required

Performs other duties as required

Qualification

CISSPCISMCybersecurity managementSecurity architecture designIncident responseRisk managementVulnerability managementSecurity monitoring toolsAnalytical skillsInterpersonal skillsCommunication skillsTeam leadership

Required

Bachelor's degree in Computer Information Systems, Cybersecurity, or a related field plus seven (7) years of progressive work experience in information security or cybersecurity, or equivalent combination of education and experience in information security—combined with recognized high-level industry certifications (e.g., CISSP, CISM, CEH, or equivalent)

Experience in the design of security architecture, implementation of security controls, and systems hardening is required

Excellent interpersonal skills, written and verbal communication, and proven analytical and problem-solving abilities are required

Must be able to successfully pass a pre-employment drug/alcohol screen and background investigation and obtain and maintain a gaming license

Knowledge of enterprise network infrastructure and cybersecurity principles, including Local Area Network (LAN) and Wide Area Network (WAN) systems, firewalls, intrusion detection/prevention systems, endpoint security, and identity/access management solutions

Strong knowledge of information security frameworks and standards (e.g., NIST, ISO 27001, CIS Controls) and ability to align security practices with regulatory and industry requirements

Knowledge of risk management, threat modeling, vulnerability management, and incident response methodologies

Skill in operating security monitoring and analysis tools (SIEM, EDR, vulnerability scanners, etc.), as well as standard productivity software (word processing, spreadsheets, and databases) in a Windows environment

Skill in preparing, reviewing, and analyzing security reports, risk assessments, and technical documentation

Ability to apply best practices for system hardening, secure configuration, and cloud security controls

Ability to analyze organizational security requirements and recommend solutions to safeguard systems and data

Ability to implement, test, troubleshoot, and maintain security systems and processes

Ability to provide information security training, awareness, and user support across diverse business units

Ability to exercise independent judgment and lead security initiatives with minimal oversight

Ability to communicate effectively, both verbally and in writing, with technical and non-technical stakeholders

Ability to interact and maintain working relationships with people of varying social and cultural backgrounds

Ability to maintain confidentiality and handle sensitive information with discretion

Preferred

Professional certifications such as CISSP, CISM, CISA, or CEH that demonstrate advanced competency in cybersecurity management and technical expertise preferred