Information Security Engineer II

Join to apply for the Information Security Engineer II role at Yuhaaviatam of San Manuel Nation.

Under the direction of the Manager, Information Security Architecture & Engineering, the Information Security Engineer II is a key contributor to enterprise cybersecurity, specializing in operational tools that enable the Security Operations Center (SOC) to detect and prevent threats. This role involves managing security projects from planning to decommissioning, conducting risk analysis, addressing threats, remediating vulnerabilities, and performing vendor risk assessments to protect the enterprise assets and data. Additionally, the position strengthens the vulnerability management program by analyzing data, identifying trends, facilitating discussions, and driving cross-functional efforts to patch systems.

This position requires a skilled and motivated cybersecurity professional with a solid foundation in security operations and risk management. They possess technical expertise in managing security tools and technologies, with hands-on experience in threat detection, prevention, and response within a SOC environment. They demonstrate project management skills, leading security projects from start to finish. Their analytical abilities help them understand new technologies and forecast potential issues. Excellent communication skills enable them to collaborate with various teams and enhance the organization’s security posture.

1. Drives infrastructure changes by recommending and implementing secure configurations for networks, servers, and cloud environments based on security analysis.
2. Leads vulnerability management efforts, including planning and conducting regular scans, analyzing results, and prioritizing remediation based on risk assessments.
3. Conducts vendor risk assessments on new technologies implemented to the enterprise and ensures secure implementation of the new technology from inception to completion.
4. Evaluates emerging security technologies and recommends enhancements to existing toolsets or processes.
5. Executes penetration testing exercises, documents findings, and works with stakeholders to address identified security gaps.
6. Collaborates with IT teams to ensure systems and applications meet regulatory and departmental security requirements (e.g., NIST, PCI).
7. Mentors Security Engineer I staff in tool deployment, feature optimization, and basic risk analysis tasks.
8. Participates in Sec Engineering/SOC team exercises providing technical expertise and leading remediation of identified security gaps in detection and prevention.
9. Performs other duties as assigned to support the efficient operation of the department.

1. Bachelor’s degree in information security, technology, statistics, mathematics, or related field required.
2. Minimum four (4) years of experience in Information Security, inclusive of two (2) years of Information Security engineering required.
3. Experience with Casino and Tribal government technology and security goals strongly preferred.
4. Related, relevant, and/or direct experience may be considered in lieu of minimum educational requirements indicated above.

1. Demonstrated experience in performing detailed assessments and/or implementations of modern information security technologies.
2. Proven experience designing, managing, and monitoring in areas such as Identity and Access Management, Endpoint Security, Threat Intelligence, Vulnerability Management, Data Loss Prevention, and PCI Compliance.
3. Experience leading enterprise-level projects from inception to completion.
4. Strong success record in security or systems engineering.
5. Ability to influence change within the enterprise to support new programs and initiatives.
6. Skilled in threat modeling, risk assessments, testing controls, and designing risk mitigation strategies.
7. Knowledge of network protocols, secure application design, configurations, security tools deployment, and firewalls.
8. Ability to perform penetration testing and vulnerability assessments.
9. Professional image with a service-oriented approach.
10. Strong interpersonal, negotiating, troubleshooting, and analytical skills.
11. Excellent written and verbal communication skills for engaging with all enterprise levels.
12. Self-motivated, proactive, capable of handling multiple tasks with attention to detail.

1. Possibility of needing a gaming license per San Manuel Tribal Gaming Commission requirements.
2. Certifications in at least two of the following: ITIL, ISACA, CompTIA, ISC2, SANS, GIAC required.
3. Certifications in Ethical Hacking, Incident Response, Security Architecture, Forensics, and Coding Languages are strongly preferred.
4. Valid driver’s license required for role involving operation of Tribe-owned or patron vehicles.

The physical demands and environment are typical for an office setting, with requirements for travel, working evenings, weekends, and holidays, and physical activities including sitting, walking, lifting, and operating vehicles. Reasonable accommodations will be made as per law.

Join our team today and be part of one of the largest private employers in the Inland Empire! We value growth and well-being of our employees.