SecOps Analyst

PENN Entertainment, Inc. is North America’s leading provider of integrated entertainment, sports content, and casino gaming experiences. From casinos and racetracks to online gaming, sports betting and entertainment content, we deliver the experiences people want, how and where they want them.

We’re always on the lookout for those who are passionate about creating and delivering cutting-edge online gaming and sports media products. Whether it’s through ESPN BET, Hollywood Casino, theScore Bet Sportsbook & Casino, or theScore media app, we’re excited to push the boundaries of what’s possible. These state-of-the-art platforms are powered by proprietary in-house technology, a key component of PENN’s omnichannel gaming and entertainment strategy.

When you join PENN Entertainment’s digital team, you’ll not only work on these cutting-edge platforms through theScore and PENN Interactive, but you’ll also be part of a company that truly cares about your career growth. We’re committed to supporting you as you expand your skills and explore new opportunities.

With locations throughout North America, you can build a future at PENN Entertainment wherever you are. If you want to challenge conventions in gaming, media and entertainment, we want to talk to you.

About the Role & Team As part of the team, you will be working with cross-functional teams of friendly and dedicated Engineers, Product Managers and Designers determined to deliver some of the best apps the market has to offer. You will be responsible for monitoring and responding to security events within our environment in addition to participating in security uplift initiatives by developing internal tools and processes to automate security workflow, perform integration work, and threat analysis. We want you to be challenged and to get the full experience of what it’s like to work here!

About the Work

• Assist in the design and deployment of security infrastructure and controls to enhance our security posture
• Develop simple internal tools to automate security workflow, integration, and threat analysis
• Participate in team coding projects to develop and maintain complex internal tools
• Integrate new and existing systems into current security fabric utilizing existing tools and developing new ones where necessary
• Collaborate with team members to create complex detection/correlation rules utilizing our SIEM and/or other security infrastructure to enhance detection and monitor for emerging threats
• Participate in tuning efforts of the detections/correlation rules
• Responsible for maintaining an expert level knowledge of existing and emerging security threats, concepts, and methods
• May be relied upon as a technical point of contact during Escalated Events relating to Security
• Triage abuse reports and security events from security related systems
• Respond to non-breach events (e.g., block brute force attacks, scanning attempts, etc)
• Assist with Vulnerability Assessments and Remediation
• Daily security maintenance activities (e.g., EDR review, agent and infrastructure health)
• Take part in Operational & Strategic Projects
• Event & Security Log review
• Identify, evaluate and report security vulnerabilities or deficits
• Triage and evaluate reported vulnerabilities from VDP program
• Act as first point of contact for security tickets and questions
• Escalate issues to senior security staff as warranted
• Support compliance audits by gathering relevant security data and producing clear, audit-ready reports using internal tooling.
• Document and present findings from notable security investigations, including action items and lessons learned to drive ongoing security improvements.
• Act as point of contact, coordinate, and assist with tracking of wide scoped security projects
• Enhance workflows and processes related to daily activities
• Assist senior staff in security device tuning to reduce false positives and false negatives
• Must deliver an exceptional customer experience every day
• Other duties as required.

About You

• Minimum 2 years experience in IT/IS security discipline
• Minimum 2 years experience in aforementioned technologies
• Must have functional knowledge of macOS, Linux and Windows
• Must have functional knowledge of AzureAD, GCP and Kubernetes
• Ability to learn and communicate technical information
• Must have excellent written and oral communication skills
• Must possess strong interpersonal skills in order to work in a dynamic and fast-paced environment

What We Offer

• Competitive compensation package.
• Comprehensive Benefits package.
• Fun, relaxed work environment.
• Education and conference reimbursements.

Initial placement within the salary range is based on an individual's relevant knowledge, skills, and experience. Base salary is just one component of our competitive Total Rewards package, which includes wellness programs designed to support our team members' financial, physical, and mental well-being. Specific benefits—such as day-one medical coverage, 401(k) matching, annual performance bonus and equity package — depending on position. Paid time off is earned according to the local policy and increases with the length of employment.

Click HERE to discover how we empower team members to grow, thrive, and advance in their careers. Check out our LinkedIn page!

Originally posted on Himalayas