Cybersecurity Analyst

Join Wynn Resorts’ Information Security Operations Center (SOC) and help protect one of the world’s premier hospitality and gaming organizations. As part of our “WE Life” culture, you’ll lead a strategic group of analysts with hands-on experience across the full incident lifecycle—detection, triage, response, and remediation—in a fast-paced, high-stakes environment.

The Cybersecurity Analyst is a critical member of our InfoSec team, responsible for safeguarding the integrity, confidentiality, and availability of Wynn’s data and systems. You’ll leverage advanced security tools, automation, and threat intelligence to proactively defend against evolving cyber threats across on-premises, cloud, and hybrid environments.

Key Responsibilities

Security Monitoring & Incident Detection

• Monitor security alerts and logs across SIEM, EDR/XDR, firewalls/IDS, email security, identity management, and cloud platforms to identify potential security incidents.
• Perform multi-level triage (Level 1–3): assess alerts, validate relevance/impact, escalate or close as appropriate.

Investigation & Response

• Conduct deep investigations of confirmed incidents, including event timeline reconstruction, scope determination, containment, and remediation recommendations.
• Correlate data across identity, endpoint, network, application, and cloud sources to identify suspicious activity (e.g., abnormal logins, privilege escalation, data exfiltration).

Threat Intelligence & Automation

• Consume, analyze, and operationalize threat intelligence feeds to proactively identify emerging threats.
• Develop and use scripts (Python, PowerShell) to automate detection, investigation, and reporting tasks.

Vulnerability & Risk Management

• Conduct vulnerability scans, risk assessments, and basic penetration testing; coordinate remediation with IT teams.
• Support patch management and ensure alignment with security frameworks (NIST, ISO, CIS) and regulatory compliance (PCI-DSS, HIPAA, GDPR).

Security Awareness & Collaboration

• Support or deliver security awareness training and phishing simulations for staff.
• Collaborate with IT, compliance, business units, and senior InfoSec engineers to coordinate incident response and remediation efforts.

Reporting & Documentation

• Generate clear, high-quality incident and investigation reports for technical and business audiences.
• Maintain and update inventories of critical assets: identity stores, privileged accounts, data stores, endpoints, applications.

Continuous Improvement

• Tune and improve detection rules, playbooks, and runbooks based on incident learnings and the evolving threat landscape.
• Leverage SOAR and AI/ML tools to enhance SOC efficiency and threat detection.

Audit & Preparedness

• Participate in periodic security audits, reviews, and preparedness exercises.
• Provide on-call support for after-hours incident detection and response, as required.

Qualifications

• Bachelor’s degree in computer science, Information Security, Cybersecurity, or related field—or equivalent work experience.
• 2–5+ years hands-on experience in security operations, SOC, or similar roles, including alert triage, incident response, log investigation, EDR/IDS/Firewall monitoring, or SIEM operations.
• Proficiency with SIEM, EDR/XDR, firewalls/IDS, identity management, endpoint monitoring, and log analysis.
• Basic scripting skills (Python, PowerShell) for automation and analysis.
• Experience with cloud security monitoring and incident response (AWS, Azure, GCP).
• Knowledge of security frameworks (NIST, ISO, CIS) and regulatory compliance (PCI-DSS, HIPAA, GDPR).
• Certifications: CompTIA Security+, CySA+, CEH, CISSP, CISM, GIAC, or cloud security certifications (AWS Certified Security, Azure Security Engineer) preferred.
• Strong analytical thinking, investigative mindset, attention to detail, and ability to handle ambiguous or incomplete data.
• Excellent communication skills—written and verbal—to document incidents, interact with stakeholders, and explain technical issues to non-technical audiences.

• Ability to work collaboratively, adapt to changing priorities, and operate under pressure.

Preferred

• Previous experience in hospitality, gaming, or large enterprise environments (casino/resort operations a plus).
• Familiarity with data classification, data loss prevention (DLP), and data access monitoring.
• Experience with vulnerability management, patch management, or security compliance frameworks.

Why Join Wynn Resorts?

You’ll join a dedicated team protecting one of the world’s premier resorts and gaming operations. This role offers a unique opportunity to build deep SOC and incident-response expertise in a dynamic, high-stakes environment, with hands-on responsibilities across the full incident lifecycle.

Wynn Resorts is an equal opportunity employer committed to hiring a diverse workforce and sustaining an inclusive culture. Wynn Resorts does not discriminate on the basis of disability, veteran status or any other basis protected under federal, state or local laws.