Information Security Engineer II

Under the direction of the Manager, Information Security Architecture & Engineering, the Information Security Engineer II is a key contributor to enterprise cybersecurity, specializing in operational tools that enable the Security Operations Center (SOC) to detect and prevent threats. This role involves managing security projects from planning to decommissioning, conducting risk analysis, addressing threats, remediating vulnerabilities, and performing vendor risk assessments to protect the enterprise assets and data. Additionally, the position strengthens the vulnerability management program by analyzing data, identifying trends, facilitating discussions, and driving cross-functional efforts to patch systems.

This position requires a skilled and motivated cybersecurity professional with a solid foundation in security operations and risk management. They possess technical expertise in managing security tools and technologies, with hands-on experience in threat detection, prevention, and response within a SOC environment. They demonstrate project management skills, leading security projects from start to finish. Their analytical abilities help them understand new technologies and forecast potential issues. Excellent communication skills enable them to collaborate with various teams and enhance the organization’s security posture.

Essential Duties And Responsibilities

• Drives infrastructure changes by recommending and implementing secure configurations for networks, servers, and cloud environments based on security analysis.
• Leads vulnerability management efforts, including planning and conducting regular scans, analyzing results, and prioritizing remediation based on risk assessments.
• Conducts vendor risk assessments on new technologies implemented to the enterprise and ensures secure implementation of the new technology from inception to completion.
• Evaluates emerging security technologies and recommends enhancements to existing toolsets or processes.
• Executes penetration testing exercises, documents findings, and works with stakeholders to address identified security gaps.
• Collaborates with IT teams to ensure systems and applications meet regulatory and departmental security requirements (e.g., NIST, PCI).
• Mentors Security Engineer I staff in tool deployment, feature optimization, and basic risk analysis tasks.
• Participates in Sec Engineering/SOC team exercises providing technical expertise and leading remediation of identified security gaps in detection and prevention.
• Performs other duties as assigned to support the efficient operation of the department.
  
  

Educational, Experience And Qualifications

• Bachelor’s degree in information security, technology, statistics, mathematics, or related field required.
• Minimum four (4) years of experience in Information Security, inclusive of two (2) years of Information Security engineering required.
• Experience with Casino and Tribal government technology and security goals strongly preferred.
• Related, relevant, and/or direct experience may be considered in lieu of minimum educational requirements indicated above.
  
  

Knowledge, Skills And Abilities (ksa)

• Demonstrated experience in performing detailed assessments and/or implementations of modern information security technologies.
• Proven experience designing, managing, and monitoring in one or more of the following areas: Identity and Access Management, Endpoint Security, Threat Intelligence, Vulnerability Management, Data Loss Prevention, and PCI Compliance.
• Experience leading enterprise level projects from inception to completion.
• Must have a demonstrated history of success in security or systems engineering.
• Ability to influence change within the enterprise to support the implementation of new programs and initiatives.
• Ability to conduct threat modeling, risk assessments, testing of controls, and designing of risk mitigation strategies.
• Knowledge of network protocols, secure application design, secure baseline configurations, design and deployment of security tools, and firewalls.
• Ability to perform penetration testing and vulnerability assessments.
• Must display a professional image with a service-oriented approach.
• Strong interpersonal skills, negotiating skills, troubleshooting, and analytical skills.
• Must have excellent written and verbal communication skills to interface with all parts of the enterprise including executives, managers, and team members.
• Must be self-motivated and frequently demonstrate initiative by going “above and beyond” what is required.
• Ability to handle multiple tasks with attention to detail and perform duties with minimal supervision.
  
  

LICENSES, CERTIFICATIONS AND REGISTRATIONS

• At the discretion of the San Manuel Tribal Gaming Commission, you may be required to obtain and maintain a gaming license.
• Certifications in two or more of the following: Information Technology Infrastructure Library (ITIL), Information Systems Audit and Control Association (ISACA), The Computing Technology Industry Association (CompTIA), International Information System Security Certification Consortium (ISC2), SysAdmin, Audit, Network, and Security (SANS), Global Information Assurance Certification (GIAC) required.
• Certifications in Ethical Hacking, Incident Response, Security Architecture, Forensics Examination, and/or Coding Languages strongly preferred.
• Authorized Driver: Role requires operation or driving of Tribe-owned vehicles or driving patron vehicles. A valid driver’s license with an acceptable driving record as determined by the insurance carrier is required.
  
  

Physical Requirements/ Working Conditions – Environment

The physical demands and working environment described here are representative of those that an employee encounters and must be met by an employee to successfully perform the essential functions of this job.

• Primary work environment is in a climate-controlled office setting.
• Work requires travel to attend meetings, trade shows, and conferences.
• Incumbents may be required to work evening, weekend and holiday shifts.
• Must be able to work in a fast-paced, high-demand environment.
• Strength sufficient to exert up to 10 pounds of force occasionally and/or a negligible amount of force frequently or constantly to lift, carry, push, pull or otherwise move objects and/or move up to 40 pounds occasionally.
• Sedentary work: involves sitting most of the time. Constantly operates a computer and other office productivity machinery, such as a calculator, copy machine, and computer printer.
• Physical activities that apply to the essential functions of the position are balancing, stooping, kneeling, crouching, reaching, pushing, pulling, lifting, grasping, talking, hearing, and repetitive motions.
• Hearing sufficient to hear conversational levels in person, via videoconference and over the telephone.
• Speech sufficient to make oneself heard and understood in person, in front of groups, in meetings, via videoconference and over the telephone.
• Visual acuity that meets the requirements of the position: The worker is required to have close visual acuity to perform an activity such as preparing and analyzing data and figures; transcribing; viewing a computer terminal; expansive reading and visual inspection of employees, visitors or facility.
• Mobility sufficient to safely move in an office environment, walk, stoop, bend and kneel, and enter, exit and operate a motor vehicle in the course of travel to promotional events, meetings, conferences, trade shows and San Manuel properties.
• Endurance sufficient to sit, walk and stand for extended periods, and maintain efficiency throughout the entire work shift and during extended work hours.
• The employee may be exposed to fumes or airborne particles including secondhand smoke.
  
  

Reasonable accommodation will be made in compliance with all applicable law.

As one of the largest private employers in the Inland Empire, San Manuel deeply cares about the future, growth and well-being of its employees. Join our team today!

R0015044