Manager of Information Technology Security - (On-Site, No Contract)

Position Summary:
Under general direction from the Director of Information Technology (IT), responsible for overseeing the information security operations of Table Mountain Casino Resort (TMCR) and ensuring the confidentiality, integrity, and availability of the Casino's information systems and data. The role focuses on creating and enforcing security policies, continuous monitoring of systems and networks for potential threats, and leading incident response efforts to mitigate risks. The position requires direct engagement, and driving the implementation of security technologies and processes that align with business objectives. Responsible for risk management, compliance oversight, and strategic contributions to the Casino's overall security posture and operational goals.

This list of duties and responsibilities is illustrative only of the tasks performed by this position and is not all-inclusive.

Essential Duties & Responsibilities:

• Oversee the management of the organization's IT security infrastructure, including firewalls, intrusion detection/prevention systems, and other security tools, and ensure the Casino maintains a robust and reliable security posture.
• Manage, guide, mentor, and develop a team of IT security professionals (3–5 staff members) by providing leadership, training, and technical guidance on cybersecurity issues and project execution.
• Oversee continuous monitoring of systems, networks, and applications for potential security threats, ensuring timely identification of vulnerabilities or breaches and coordinating swift resolutions to minimize impact.
• Implement and maintain processes for cybersecurity incident response, including clear escalation procedures, root cause analysis, and post-incident reviews to strengthen future response efforts.
• Develop, implement, and enforce IT security policies and procedures to protect sensitive data and systems, and ensure these policies remain up-to-date and effective against emerging threats.
• Ensure IT security operations adhere to all relevant gaming industry regulations and information security compliance standards to maintain the integrity of casino operations.
• Conduct regular risk assessments and vulnerability scans and oversee the remediation of identified security weaknesses to reduce the organization's risk exposure.
• Assist with developing and managing the IT security budget, optimizing resource allocation, and identifying cost-effective security solutions and technologies.
• Manage relationships with external security vendors and service providers, including negotiating contracts and overseeing service delivery to ensure quality and compliance with service agreements.
• Identify areas for improvement in the organization's security posture, implementing new technologies and processes to enhance protection and increase operational efficiency.
• Provide day-to-day operational guidance on security matters that support the short-term and long-term technology plans of the Casino.
• Plan, coordinate, and direct security-related activities of the IT organization to safeguard the confidentiality, integrity, and availability of information assets.
• Collaborate with other business leaders and departments to ensure security requirements are understood and integrated into their operational processes and projects.
• Work closely with the Director of IT to identify, recommend, develop, and implement effective security solutions for all aspects of the organization.
• Benchmark, analyze, and report on the Casino's security infrastructure and practices, and make recommendations for improving and growing the IT security program.
• Manage IT security staffing, including recruitment, supervision, scheduling, career development, performance evaluations, and disciplinary actions.
• Oversee the documentation of security incidents, vulnerabilities, remediation actions, and other security activities to maintain detailed records and support compliance requirements.
• Keeps abreast of industry cybersecurity trends and new technologies; ensures compliance with applicable laws and policies.
• Contributes to a team effort and accomplishes related results as required.
• Performs other duties as required.

Direct Reports: IT Security Analyst, IT Security Engineer

Access to Sensitive Areas: All areas are accessible when accompanied by authorized personnel and/or security.

Minimum Qualifications:
Bachelor's degree in Computer Information Systems, Cybersecurity, or a related field plus seven (7) years of progressive work experience in information security or cybersecurity, or equivalent combination of education and experience in information security—combined with recognized high-level industry certifications (e.g., CISSP, CISM, CEH, or equivalent). . Experience in the design of security architecture, implementation of security controls, and systems hardening is required. Excellent interpersonal skills, written and verbal communication, and proven analytical and problem-solving abilities are required. Professional certifications such as CISSP, CISM, CISA, or CEH that demonstrate advanced competency in cybersecurity management and technical expertise preferred. Must be able to successfully pass a pre-employment drug/alcohol screen and background investigation and obtain and maintain a gaming license.

Knowledge, Skills, and Abilities:

• Knowledge of enterprise network infrastructure and cybersecurity principles, including Local Area Network (LAN) and Wide Area Network (WAN) systems, firewalls, intrusion detection/prevention systems, endpoint security, and identity/access management solutions.
• Strong knowledge of information security frameworks and standards (e.g., NIST, ISO 27001, CIS Controls) and ability to align security practices with regulatory and industry requirements.
• Knowledge of risk management, threat modeling, vulnerability management, and incident response methodologies.
• Skill in operating security monitoring and analysis tools (SIEM, EDR, vulnerability scanners, etc.), as well as standard productivity software (word processing, spreadsheets, and databases) in a Windows environment.
• Skill in preparing, reviewing, and analyzing security reports, risk assessments, and technical documentation.
• Ability to apply best practices for system hardening, secure configuration, and cloud security controls.
• Ability to analyze organizational security requirements and recommend solutions to safeguard systems and data.
• Ability to implement, test, troubleshoot, and maintain security systems and processes.
• Ability to provide information security training, awareness, and user support across diverse business units.
• Ability to exercise independent judgment and lead security initiatives with minimal oversight.
• Ability to communicate effectively, both verbally and in writing, with technical and non-technical stakeholders.
• Ability to interact and maintain working relationships with people of varying social and cultural backgrounds.
• Ability to maintain confidentiality and handle sensitive information with discretion.

Physical Demands:
While performing the duties of this job, the employee is regularly required to talk and hear. The employee is regularly required to stand, walk, sit, use hands to handle or feel objects, tools, or controls, and reach with hands and arms. The employee frequently lifts and/or moves up to 50 pounds. Specific vision abilities required by this job include close vision, distance vision, peripheral vision, depth perception, color vision, and the ability to adjust focus.

Work Environment:
While performing the duties of this position, the work environment is occasionally noisy, and the employee will work indoors. Additionally, the employee will be exposed to cigarette smoke.