Manager, Information Security Architecture & Engineering
Company: SAN MANUEL INDIAN BINGO & CASINO
Posted on: May 3, 2021
Reporting to the Director Information Security Operations, the
Information Security Architecture and Engineering Manager is
responsible for understanding complex business information
technology needs specifically focused on the information security
sector. The Information Security Architecture and Engineering
Manager researches, designs, and recommends technical solutions, as
appropriate. The Information Security Architecture and Engineering
Manager assumes a lead role in the Information Security program
including the development of security architecture and standards,
in addition to supervising and mentoring members of the
This position requires a creative self-starter that has the
ability to think through a project from start to finish and has the
technological vision to support the security needs of the
enterprise. This position also requires knowledge of and expertise
in various operating systems, software systems, hardware, and
network configurations. The Information Security Architecture and
Engineering Manager also works cross-functionally with various
teams, including enterprise architecture, application support,
development, and quality assurance by addressing technical issues
related to information security.
Essential Duties & Responsibilities
Establishes a strategic vision for security architecture,
including standards and frameworks that are aligned with the
overall enterprise and Information Technology (IT) strategies
through relationships with the various Information Technology
teams, auditors, and other stakeholders throughout the
Ensures systems and applications are implemented with
compensating controls to meet regulatory requirements (California
Consumer Privacy Act (CCPA), Health Insurance Portability and
Accountability Act of 1996 (HIPAA), Indian Gaming Regulatory Act,
etc.), as well as other enterprise compliance such as Payment Card
Industry (PCI) requirements.
Reviews business context for solutions to enterprise challenges
as well as defines the vision and requirements for the solution.
Recommends potential solutions (which include Request for
Information (RFI), Request for Proposal (RFP) or application
development), selects the optimal solution and develops the
roadmaps, policies, and standards. Plans for security systems by
evaluating network and security technologies. Develops security
requirements for local area networks (LANs), wide area networks
(WANs), virtual private networks (VPNs), routers, firewalls, and
related security network devices.
Collaborates with enterprise architecture and application
development to enhance the security posture of new and existing
Engages with third parties to evaluate solutions, responds to
security events in order to understand the threat landscape.
Conducts and/or facilitates penetration-testing exercises.
Leads, mentors, develops a team of professionals, and directs
all engineering and architecture activities to ensure they are
conducted in accordance with applicable policies and standards.
Responsible for managing the team's overall transaction accuracy
and efficiency to ensure project timelines are met.
Creates, develops, maps, and implements best practices for cloud
Maintains current job knowledge by tracking and understanding
emerging security practices and standards, participating in
educational opportunities, reading professional publications,
maintaining personal networks, and participating in professional
Performs other duties as assigned to support the efficient
operation of the department.
- Assumes other responsibilities, duties, tasks and assignments
that contribute to the mitigation or response to any public health
Carries out supervisory responsibilities in accordance with the
organization's policies and applicable laws. Responsibilities
include interviewing, hiring and training employees; planning,
assigning reviewing and directing work; evaluating and appraising
performance; rewarding and disciplining employees; addressing
complaints and resolving problems. Makes hiring decisions and
designs individual development plans with succession planning in
mind for all key roles.
- Bachelor's degree in Information Security, Technology, Business
Management, or related field is required.
- Minimum of three (3) years of experience in a
technology-related field, with a strong focus in performing
Information Security related activities.
- Minimum of three (3) years of experience managing functions,
teams or departments.
- Equivalent combination of education and progressive, relevant
and direct experience may be considered in lieu of minimum
educational/experience requirements indicated above.
- Demonstrated experience in performing detailed needs
assessments and/or implementation of modern information security
technologies such as firewalls, virtual private networks (VPN),
intrusion detection systems (IDS), intrusion prevention systems
(IPS), endpoint security solutions, servers and other
infrastructure solutions (security information and event management
(SIEM), federated authentication and authorization, anomaly
detection systems, identity and access management, public and
private cloud technologies).
- Proven experience designing, managing, and monitoring in one or
more of the following areas: Identity and Access Management, Threat
Intelligence, Data Loss Prevention, PCI Compliance.
- Comprehensive understanding of regulations and frameworks
including National Institute of Standards and Technology (NIST),
Payment Card Industry (PCI), and Center for Internet Security
- Proven experience in the Tribal/Gaming sector is
- Ability to interface with all parts of the organization
including executives, managers, and team members.
- Ability to influence change within the enterprise to support
the implementation of new programs and initiatives.
- Ability to conduct threat modeling, risk assessments, testing
of controls, and designing of risk mitigation strategies.
- Strong interpersonal skills, negotiating skills,
troubleshooting and analytical skills.
- Must have excellent written and verbal communication
- Must be self-motivated and frequently demonstrate initiative by
going "above and beyond" what is required.
- Must display a professional image with a service-oriented
- Knowledge of secure baseline configurations as well as how to
implement and monitor.
- Knowledge of applying secure configurations to hardware and
- Must be skilled in configuring, deploying, and monitoring
corporate security tools.
- Knowledge of secure application design.
- Ability to perform penetration testing and vulnerability
- Knowledge of network protocols, traffic log analysis, and
network security architecture.
- Knowledge and experience in managing web application firewalls,
next-generation firewalls, IDS/IPS, content filtering solutions,
and Network Access Control.
- Ability to handle multiple tasks with attention to detail, and
perform duties with minimal supervision.
- At the discretion of the San Manuel Tribal Gaming Commission,
you may be required to obtain and maintain a gaming license.
- A qualified candidate/employee must have a valid driver's
license with an acceptable driving record as determined by the
company's insurance carrier.
- Industry certifications such as Certified Information Systems
Security Professional (CISSP), Global Information Assurance
Certification (GAIC), Certified in Risk and Information Systems
Control (CRISC), Certified Ethical Hacker (EC-EH), and Computer
Hacking Forensic Investigator (EC-CHFI) are preferred.
San Manuel Band of Mission Indians and San Manuel Casino will
make reasonable accommodations in compliance with applicable
As one of the largest private employers in the Inland Empire,
San Manuel deeply cares about the future, growth and well-being of
its employees. Join our team today!
Keywords: SAN MANUEL INDIAN BINGO & CASINO, Highland , Manager, Information Security Architecture & Engineering, Other , Highland, California
Didn't find what you're looking for? Search again!