Job Description
This role is remote, with one required visit to your designated home office per quarter.
Remote option is available for employees located in the following states; AZ, CO, CT, FL, GA, IA, IL, IN, LA, MA, MD, MI, MN, MS, MT, NC, NJ, NV, NY, OH, OR, PA, SC, TX, TN, WA, WV, and Washington D.C. (States subject to change at any time)
Home Office: Las Vegas, NV
WELCOME TO THE EMPIRE! Caesars is one of the biggest names in the world of betting and we are striving to become the largest sports betting platform across America. We share a passion for sports and are industry leaders providing best-in-class service for all our customers.
BEHOLD! You will be at the heart of the technological revolution with one of the world's most trusted betting and gaming companies.
When we say cutting edge, we mean it. Here, you can work on highly reliable systems with low latency, much like the transactional systems of the best financial institutions, but...with the fun included.
You will have access to development opportunities, including IT conferences, internal training, and lunch and learn sessions. You will be part of a great working atmosphere, performing complex work in a collaborative team of amazing people, with forward-thinking managers. You will have the opportunity to make an impact.
What You Will Do:

• Build and deploy security capabilities designed to secure code and production infrastructure throughout the CI/CD pipeline as well as non-production and production environments
• Identify and prevent the introduction of high-risk vulnerabilities to the production environment
• Leverage static and dynamic code analysis to security assess application and infrastructure code
• Implement and operationalize the AWS Security Pillar of the AWS Well Architected Framework
• Define, build, and maintain Cloud Security Policies, Standards, and Procedures that meet or exceed all required regulatory requirements
• Evaluate, implementation, and operationalize a CSPM and CWPP solution
• Introduce commercial and vetted open-source solutions to secure and continuously secure and monitor AWS cloud infrastructure, services, and workloads
• Help the application delivery and DevOps team detect and fix security vulnerabilities
• Leverage Terraform to automatically configuration and maintain AWS cloud native and third-party security solutions
• Implementing a strong identity foundation through least privilege policies
• Enabling traceability/observability
• Applying Security at all layers from PoP to endpoint
• Automate security best practices for scale and cost effectiveness
• Protect data at rest and in transit with proper classifications
• Keep people away from data to reduce or eliminate direct access or manual processing of data
• Prepare for security events to occur and build capabilities for SOC to be able to detect, contain, eradicate, and recover
• Leverage Python or Go to automate security acceptance testing
• Maintain AWS and commercial web application firewalls
• Harden server operating systems and containers
• Review and analyze security event logs to support security incident response efforts
• Author and communicate blameless postmortems

What You Will Need:

• 5+ years of work experience securing and monitoring CI/CD pipelines and AWS cloud infrastructure
• 10+ years of Information Technology or Information Security experience
• Ability to write Lambda functions in Python or Go
• Strong command and understanding of AWS Security Reference Architecture (SRA)
• Strong understanding of basic AWS cloud internetworking concepts
• Experience leveraging AWS security and compliance services such as IAM, AWS WAF, and more
• Experience securing Kubernetes, containers, and microservices
• Experience using Terraform to deploy security-oriented infrastructure and configure security services
• Experience with commercial cloud native application protection platforms such as Prisma Cloud desirable
• Working knowledge of GitLab desirable
• Desirable Certifications: AWS SysOps Administrator, AWS Certified Solutions Architect, AWS Certified Security Specialty, OSCP, GWEB, and GCSA

Physical Requirements:

• Must be able to sit, type, and talk on the phone for extended periods

The above statements are intended to describe the general nature and level of work being performed by people assigned to this classification. They are not intended to be construed as an exhaustive list of all responsibilities, duties and skills required of personnel so classified.
Caesars Sportsbook & Casino reserves the right to make changes to the job description whenever necessary.
As a part of Caesars Sportsbook & Casino's employment process, finalist candidates will be required to complete a drug test and background check upon offer acceptance.