SecOps Analyst

Summary

Join PENN Entertainment’s digital team and contribute to the development and maintenance of cutting-edge online gaming and sports media products. As a Security Engineer, you will be responsible for monitoring and responding to security events, developing internal tools to automate security workflows, and collaborating with cross-functional teams. You will integrate new and existing systems into the security fabric, create detection rules, and maintain expert knowledge of emerging threats. The role involves triaging security events, assisting with vulnerability assessments, and supporting compliance audits. PENN Entertainment offers a competitive compensation package, comprehensive benefits, and a fun work environment.

Requirements

• Minimum 2 years experience in IT/IS security discipline
• Minimum 2 years experience in aforementioned technologies
• Must have functional knowledge of macOS, Linux and Windows
• Must have functional knowledge of AzureAD, GCP and Kubernetes
• Ability to learn and communicate technical information
• Must have excellent written and oral communication skills
• Must possess strong interpersonal skills in order to work in a dynamic and fast-paced environment

Responsibilities

• Assist in the design and deployment of security infrastructure and controls to enhance our security posture
• Develop simple internal tools to automate security workflow, integration, and threat analysis
• Participate in team coding projects to develop and maintain complex internal tools
• Integrate new and existing systems into current security fabric utilizing existing tools and developing new ones where necessary
• Collaborate with team members to create complex detection/correlation rules utilizing our SIEM and/or other security infrastructure to enhance detection and monitor for emerging threats
• Participate in tuning efforts of the detections/correlation rules
• Responsible for maintaining an expert level knowledge of existing and emerging security threats, concepts, and methods
• May be relied upon as a technical point of contact during Escalated Events relating to Security
• Triage abuse reports and security events from security related systems
• Respond to non-breach events (e.g., block brute force attacks, scanning attempts, etc)
• Assist with Vulnerability Assessments and Remediation
• Daily security maintenance activities (e.g., EDR review, agent and infrastructure health)
• Take part in Operational & Strategic Projects
• Event & Security Log review
• Identify, evaluate and report security vulnerabilities or deficits
• Triage and evaluate reported vulnerabilities from VDP program
• Act as first point of contact for security tickets and questions
• Escalate issues to senior security staff as warranted
• Support compliance audits by gathering relevant security data and producing clear, audit-ready reports using internal tooling
• Document and present findings from notable security investigations, including action items and lessons learned to drive ongoing security improvements
• Act as point of contact, coordinate, and assist with tracking of wide scoped security projects
• Enhance workflows and processes related to daily activities
• Assist senior staff in security device tuning to reduce false positives and false negatives
• Must deliver an exceptional customer experience every day
• Other duties as required

Benefits

• Competitive compensation package
• Comprehensive Benefits package
• Fun, relaxed work environment
• Education and conference reimbursements