Information Security Engineer

Oneida Innovations Group is a tribally owned enterprise of the Oneida Indian Nation, an innovative and experienced Indian Nation owning and operating several multifaceted business enterprises, each focused on delivering exceptional customer experiences and service.

Many IT services companies approach cyber solutions from a technological standpoint. Our coming of age in the casino gaming and hospitality industry - complex security and regulated environments - supporting New York's most awarded resort and casino means our approach is not only sophisticated but also highly customer-centric.

We don't just take care of problems. We seek out ways to anticipate and prevent them. We don't just improve connectivity. We constantly strive to make connecting safer and in doing so, more accessible. And we do so as IT professionals, as trusted allies and as partners in your success.

Come join our team as we are currently seeking an Information Security Engineer to join our group!

Summary: The Security Engineer's role is to ensure the security of all information that is digitally transmitted or at-rest within Turning Stone Enterprises; and ensure the secure operation of in-house computer systems, servers, and network connections. This includes managing the logs from servers, switches, endpoints and firewalls, scrutinizing network traffic, reviewing and recommending upgrades, and troubleshooting all security issues.

Duties & Responsibilities:

• Effectively deploy, manage and maintain all security systems and their corresponding or associated software; e.g. firewalls, Multi-factor authentication systems, cryptographic systems, endpoint protection, multi-factor applications, and SIEMs.
• Develop, implement, maintain, and oversee the enforcement of information security policies, procedures, and associated plans based on industry-standard best practices.
• Regularly assess the configuration of enterprise firewalls, ensuring both security and functionality.
• Assist in the design and implementation of a disaster recovery plan for all enterprise-based systems and software applications.
• Manage security for the network, which includes web sites, intranet, e-mail, and other communications systems.
• Assist in the design of, and/or oversee penetration testing of all systems.
• Monitor all system logs for unusual or suspicious activity. Interpret activity and make recommendations for resolution. Escalate issues appropriately as they are discovered.
• Manage and escalate mitigations in the event of a breach.
• Assess and provide recommendations for any security reconfigurations (minor or significant)
• Conduct research on emerging products, services, protocols, and standards in support of security enhancement and development efforts.
• Test new security software and/or technologies.
• Provides on-call security support to end-users.

Minimum Requirements:

• Degree in the field of Computer Science; and/or 5 years equivalent work experience.
• Certification in Certified Information Systems Security Professional (CISSP), SANS certifications
• Demonstrate broad knowledge of firewalls, intrusion detection systems, anti-virus software, data encryption, and other industry-standard techniques and practices.
• Possesses in-depth technical knowledge of networking in an enterprise environment.
• Must understand and have worked with RMF.
• Experience with HIPAA, NIST, PCI-DSS, and other regulations.
• Demonstrate a high level of analytical and problem-solving abilities.
• Demonstrate the ability to conduct research into security issues and products as required.
• Must have strong interpersonal and oral communication skills.
• Must have strong organizational skills.
• Must possess a strong attention to detail.
• Must be able to effectively prioritize and execute tasks in a high-pressure environment.
• Must have experience working in a team-oriented, collaborative environment.

Oneida Innovations Group is an equal opportunity employer and will consider all qualified applicants for employment without regard to race, color, religion, sex, national origin, age, disability, marital status, veteran status, sexual orientation, gender identity, genetic information or any other protected characteristic under applicable law.