Lead Cyber Threat Intelligence Architect

Manage Pen Testing Engagements Ability to coordinate with multiple 3rd party vendors for various pen testing engagements

Manage Bug Bounty Ability to manage various aspects of a bug bounty program including but not limited to engaging with submissions and responses testing/retesting and partnering with business lines and vendors

Policy and Procedures Assist in policy and process development for the Offensive Security Team amongst various teams and disciplines (cyber threat intelligence threat hunting adversary emulation)

Conduct Threat Assessments and Threat Research:Explore various technologies and solutions to understand information security risks and weaknesses. Perform threat research on various industry threats vulnerabilities and attack vectors to understand potential weaknesses in security defenses and where security mitigations need to be enhanced.

Threat Modeling: Conduct threat modeling to understand most relevant threats to Caesars

Lead cross-team educational sessions and training: Lead sessions across internal security teams and across the entire company that detail relevant threats and information that business professionals need to understand as the threat landscape evolves

Collaboration: Work closely with the IT and security teams to understand current security architecture and assist in developing strategies to mitigate identified risks.

Compliance:Ensure that penetration testing activities adhere to relevant compliance standards and regulations including those specific to the casino industry such as PCI-DSS and other gaming regulations.

Continuous Improvement: Stay current with the latest security trends techniques and vulnerabilities and apply this knowledge to continuously improve the security posture of the casino.

Training and Awareness: Provide guidance and training to internal teams on best practices for security and how to address identified vulnerabilities.

3-5 years of experience in cybersecurity with a focus on threat research or analysis.

Experience with security tools and technologies such as SIEM next generation firewalls endpoint protection and threat intelligence platforms

Strong understanding of the following: networking fundamentals (all OSI layers protocols); Windows/ Linux/Unix/Mac operating systems as well as software vulnerability and exploitation techniques

Familiarity with system administration skills such as configuration maintenance and interpretation of log output from networking devices operating systems and infrastructure services as well as with cloud architecture operations and security vulnerabilities

Experience in multiple businesses or verticals with organizational and cultural understanding of call centers payments processes and client service/sales organizations

Expertise in collaborating with high-performing teams and individuals throughout the firm to accomplish common goals

Knowledge of US financial services sector cybersecurity or resiliency organization practices operations risk management processes principles regulations threats risks and incident response methodologies

Ability to identify systemic security or resiliency issues as they relate to threats vulnerabilities or risks with a focus on recommendations for enhancements or remediation and proficiency in multiple security assessment methodologies (e.g. Open Worldwide Application Security Project (OWASP) Top Ten National Institute of Standards and Technology (NIST) Cybersecurity Framework) offensive testing tools or resiliency testing equivalents