Director - Cyber Security.

Job Description:

Position Overview

The primary responsibility of the Director - Cyber Security is the day-to-day operations of the US SOC, the equipment that supports the SOC and the training and operational readiness of the analysts that support SOC operations. The Director - Cyber Security is also responsible for maintaining communications with other SOCs identified by the Executive Director of Global Cyber Operations, the property IT departments and property analysts to support the operations of the SOC and for cyber security response/support to events that affect the security of the LVSC networks.

All duties are to be performed in accordance with departmental and Las Vegas Sands Corp.'s policies, practices, and procedures. All Las Vegas Sands Corp. Team Members are expected to conduct and carry themselves in a professional manner at all times. Team Members are required to observe the company's standards, work requirements and rules of conduct.

Essential Duties & Responsibilities

• Defines cyber security cyber operations, programs and process for the LVSC enterprise.
• Participate in projects or issues of high complexity that require in-depth knowledge across multiple technical areas and business segments.
• Coaching and development of technical Cyber Security analysts.
• Work closely with the Executive Director of Global Cyber Security Operations and the global SOC team capable of providing freedom of action in the cyber environment for every property and geography where LVSC operates.
• Work closely with property IT Operations and other functional area specialists to ensure threat indicators are rated by severity and responded to in a manner consistent with the threat.
• Contribute to the development and maintenance of the cyber security strategy.
• Provide network and system security advice and risk analysis to business units who engage with the Global Cyber Security team.
• Security policy and procedure development for the LVSC global network.
• Develop and lead the regional LVSC Security Operations Center.
• Develop and lead the regional LVSC Security Operations Center Intelligence team to ensure security threat information, system log information, and sources of external intelligence are combined to provide real time response to cyber events.
• Integrate the global strategy and approach to sourcing and integrating external sources of cyber intelligence.
• Manage the individual property Incident Response programs.
• Define, gather and report on metrics regarding all security systems within the LVSC networks
• Staff training and development.
• Perform job duties in a safe manner.
• Attend work as scheduled on a consistent and regular basis.
• Perform other related duties as assigned.

Minimum Qualifications

• 21 years of age.
• Proof of authorization to work in the United States
• Bachelor's degree in information systems or equivalent work experience.
• Certifications preferred: GSEC, SSCP, Security+,CEH, GCIH, GCIA, GCED, GSE, or CISSP
• 5 years' experience in leading a team that performs cyber security collection, analysis,
• intrusion response and reporting process/procedures
• 5 years hands-on experience with a SIEM in the detection, response, mitigation, and/or reporting of cyber threats affecting networks and two or more of the following:
• Experience in computer intrusion analysis and incident response and Intrusion detection/response.
• Computer network surveillance/monitoring.
• Knowledge and understanding of network protocols, network devices, multiple operating systems, and secure architectures.
• Experience in computer evidence seizure, computer forensic analysis, and data recovery, network forensics and system log analysis.
• Experience with current cyber threats and the associated tactics, techniques, and procedures used to exploit computer networks.
• Current experience with network intrusion detection and response operations (Protect, Defend, Respond and Sustain methodology).
• Current experience with advanced persistent cyber threats and the associated tactics, techniques, and procedures used to infiltrate computer networks.
• Demonstrated ability to document processes.
• The ability to respond to crises objectively.
• Strong knowledge of current intrusion analysis tools and methodologies to include but not limited to; TCPDump
• Wireshark, Multiple SIEM technologies, Nessus, Metasploit, nmap, EnCase Enterprise, ForensicTool Kit (FTK)
• Must be able to work collaboratively across properties and physical locations
• In-depth knowledge of risk assessment methods and technologies
• Proficiency in performing risk, business impact, control and vulnerability assessments
• Excellent technical knowledge of mainstream operating systems and a wide range of security technologies, such as network security appliances, identity and access management (IAM) systems, anti-malware solutions, automated policy compliance tools, and desktop security tools.
• Ability to communicate clearly and effectively in English, both in spoken and written form.
• Strong interpersonal skills with the ability to communicate effectively with guests and other Team Members of different backgrounds and levels of experience.