The Opportunity

This is an exciting opportunity to join a fast-paced, growing Cybersecurity team. The Cybersecurity Analyst will drive continuous improvement to Delaware North's Cybersecurity Program through participation in cybersecurity operations and governance. Using Agile methodologies, this role will plan and execute in accordance with the Cybersecurity roadmap.

Minimum - Anticipated Maximum Salary: $62600 - $82900 / year

The advertised pay range represents what we believe at the time of this job posting, that we would be willing to pay for this position. Only in special circumstances, where a candidate has education, training, or experience that far exceeds the requirements for the position, would we consider paying higher than the stated range. Information on our comprehensive benefits package can be found at https://careers.delawarenorth.com/whatweoffer .

At Delaware North, we care about our associates. We are committed to invest in our people's personal and professional journeys, without you, there is no us. These are just some of the benefits we offer: health, dental, and vision insurance, 401(k) with company match, performance bonuses, paid vacation days and holidays, and generous friends-and-family discounts at many of our hotels and resorts. Click here to learn more .

Responsibilities

• Implement security solutions and applications with the drive to ensure their continuous improvements
• Interfacing with clients, vendors, and internal users on Cybersecurity related PoC's and operational tasks
• Conduct research to identify new attack vectors against products and services
• Perform technical security assessments, code audits and design reviews
• Participation in a rotational on-call calendar providing response and analysis on alerts from Cybersecurity tools
• Perform risk assessments and develop mitigation plans to maintain security posture to an acceptable level
• Document, follow and improve policies, procedures, and security best practices
• Participate in working groups including team driven learning and planning sessions
• Leading cybersecurity capability areas including governance, roadmap, policies, and procedures

Qualifications

• Bachelor's degree in Computer Science, Information Systems, or similar STEM field preferred
• A minimum of 5 years' experience in Information Technology or similar is required
• A minimum of 3 years' experience in Cybersecurity
• Ability to effectively communicate with a range of stakeholders
• Experience with security tools, including vulnerability management, EDR, IDS/IPS, and event correlation
• Experience with security and compliance frameworks such as PCI Compliance & NIST CSF
• Experience with building operational documentation with a passion for providing knowledge back to the business
• Proficient in creation and management of metrics, data, and analytics
• Disposition towards creative problem solving, building, automation, and self-improvement
• Familiarity with automation and CI/CD pipeline using variety tools like GitHub, Bitbucket etc.
• Incident Response experience with modern EDR products (Crowdstrike, Sentinel One etc.)
• Working knowledge of vulnerability management, risk, and remediation
• Involvement with problem and incident management, change management, notifications, and basic operational understanding of running and maintaining infrastructure
• Contact with SOAR framework concepts and implementation
• Understanding of Zero Trust architecture

Preferred Skills:

• Experience designing and automating tasks in PowerShell or Python
• Experience with researching and tracking Advanced Persistent Threat (APT) campaigns
• Familiarness with Blue/Red or Purple Team operations
• Involvement in Cybersecurity communities (Reddit, IRC groups and forums)
• Working knowledge with documenting project plans within JIRA or related products
• Certifications are desirable - OSCP, Pentester Academy, AWS, Security+, CEH, CISSP, CISM, etc.
• Experience securing public cloud and SaaS offerings (AWS, Google, Azure)
• Experience with correlating events to the MITRE framework and the Cyber Kill Chain

#LI-REMOTE

Who We Are

At Delaware North, you'll love where you work, who you work with, and how your day unfolds. Whether it's in sporting venues, casinos, airports, national parks, iconic hotels, or premier restaurants, there's no telling where your career can ultimately take you. We empower you to do great work in a company with 100 years of success, stability and growth. If you have drive and enjoy the thrill of making things happen - share our vision and grow with us.

Delaware North Companies, Incorporated and its subsidiaries consider applicants for all positions without regard to race, color, religion, creed, gender, national origin, age, disability, marital or veteran status, sexual orientation, or any other legally protected status. Delaware North is an equal opportunity employer.