The Security Analyst is responsible for working with the Director of Infrastructure & Security and members of the Xanterra Corporate and Property IT departments to ensure that proper security requirements are implemented and to maintain Xanterra’s PCI and GDPR compliance.
ESSSENTIAL FUNCTIONS AND RESPONSIBILITIES:
- Perform monthly internal vulnerability scans, research and document remediation steps, disseminate to application/server owners in the field and track to completion.
- Perform daily log reviews and research of all reported potential attempts to breach Xanterra network’s security and/or access confidential information such as credit card information, personnel/payroll data and all other sensitive information.
- Become familiar with logging file integrity monitoring (FIM) tools, deploy to server and workstation resources and develop alerts/reports.
- You will be part of a team that deals with escalated internal and external security infringements and quickly react to information security threats, such as computer viruses, hackers, analysis of application security prior to release, etc. in order to ensure applications meet defined goals.
- Stay updated and informed about security tools and technologies as they relate to access control, data privacy protection (e.g. encryption, alternative authentication techniques, etc.), regulatory and compliance requirements (e.g. PCI-DSS, etc.).
- Perform property assessments with QSA (Qualified Security Assessor) and work with properties to address any gaps. Assessments require travel to Xanterra properties throughout the year.
- Facilitate Change Control Board meetings and work with the Director of Infrastructure and Security to improve the change control process.
- Perform scans against file systems to identify non-compliant storage of PCI data.
- Recommend improvements related to IT security standards, policies and procedures.
- Promote and communicate PCI awareness with properties.
- Evaluate and implement solutions to improve efficiencies with security patching.
- Support network integration projects related to property acquisitions as well as decommissions.
- Provide technical support to property IT resources and Xanterra associates as needed.
- Serves as a backup resource to the Systems Analyst responsible for the IT Service Desk and PC support providing end user support as needed when the normal IT Service Desk personnel are not available.
- Serves on the Xanterra Incident Response Committee.
- Serves in an on-call capacity for after-hours/non-business hours support if assigned by the Chief Information Officer.
- Assists IT operations staff, corporate IT employees, property-level IT employees, and the user community as a whole in resolving technical issues.
- Perform other duties as assigned.
Knowledge, Skills, and Abilities:
- Provides knowledge on Information Technology, Project Management and Administrative Responsibilities needed to successfully support the assigned location(s).
- Demonstrates strong analytical skills including the ability to plan complex system-related projects.
- Employee must have a working knowledge of various platforms including Microsoft Windows 2008/2012/2016, Microsoft Windows 10, Microsoft Server 2012/2016, WSUS, Anti-virus, Patch Management, Microsoft Exchange 2016, Office365, Backup Technology, Active Directory, Cisco Routers, Cisco Switches, Nessus Security Scanning and Qualysguard.
- Knowledge of IT data security compliance requirements.
- Proficiency in Microsoft Office suite of products is required.
- Must possess 3+ years of related IT experience in dealing with technology/data security.
- Experience with VMware and deploying virtual appliances
- A CCNA or equivalent experience with a strong understanding of network segmentation and VLANs
- Advanced Systems Administration and Security Experience
- Bachelor’s degree in Information Technology or Business Administration with a concentration in Information Technology, Hospitality Administration and/or Accounting
- Microsoft Certified Systems Engineer (MCSE) certification
- Prior experience with Payment Card Industry compliance requirements is preferred
- Significant work experience can substitute for formal education.
PHYSICAL DEMANDS & WORK ENVIRONMENT: Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.
- Physical demands: While performing the duties of this position, standing, stooping and bending regularly is required, as well as the ability to lift up to 100 pounds. Vision abilities required by this position include close vision, distance vision, peripheral vision, depth perception and ability to adjust focus.
- Work environment: May be exposed to unusual temperature ranges (both cool and hot). The noise level in the work environment can be loud. Minimal travel outside the corporate office may be required. Must be able to be on location or accessible via remote connectivity technology within a 30 minute time period in the event of an emergency.