Marcus Corporation
Senior IT Security Analyst
Marcus Corporation, Milwaukee, Wisconsin, United States, 53244
DescriptionThe Marcus Corporation, based out of Milwaukee, is a leader in the entertainment and lodging industries with significant company-owned real estate assets in 19 states. Here at Marcus, we celebrate more than 87 years of providing customers, clients and guests with Magical Marcus experiences and have been recognized by Forbes Magazine as one of America's most trusted companies.
As a Senior Security Analyst, you will play a pivotal role in protecting The Marcus Corporation from cyber threats and vulnerabilities. Leveraging your extensive experience in cybersecurity, you will be responsible for all aspects of security operations, including analyzing, monitoring, and responding to security incidents and implementing proactive measures to mitigate risks. Additionally, you will collaborate with cross-functional teams to develop and implement security controls, procedures, and best practices.Work location: In person
What you will be
doing:Manage all aspects of daily security operations and serve as the primary escalation point. Key functions to include:
Ensure accurate configuration and alert settings in all security and log management systems such as SIEM, FIM, AV, EDR, WAF, ESG, patch management, asset inventory, and other third-party systemsMonitor and investigate security incidents, conduct forensic analysis when necessary, and ensure appropriate response and resolution in a timely mannerDevelop and maintain documentation, including monitoring standards, daily procedures, runbooks, and incident response planProvide technology recommendationsGenerate monthly reporting and statistics of program effectivenessProvide after-hours and escalation support
Conduct regular vulnerability assessments to identify vulnerabilities within the infrastructure and potential misconfigurations
Develop remediation plans and coordinate with applicable teams
Stay current with the latest trends, threats, and technologies in information security, and provide recommendations for enhancements to the company's security postureCoordinate the annual attack and penetration tests performed by a third party and manage the remediation effortsDesign and manage the deployment of security controls, technologies, and countermeasures to prevent and mitigate security incidentsAnalyze metrics around utilization and capacity and recommend changes as necessaryProvide guidance and support to business units in implementing security controls and best practicesAssist the business in achieving compliance certifications (SOX, PCI). This will include quarterly internal-audit functionsEnsure compliance with applicable laws, regulations, and industry standardsDevelop and deliver security awareness and training programs to educate employees on security policies, procedures, and best practicesMaintain internal incident response procedures and serve as the incident response leadManage internal audits of security tools and supporting systems, ensuring timely completion and accuracyTrain staff on information security proceduresParticipate and leverage resources available within industry groups such as the RH-ISAC or NATOWhat we are looking for:Excellent knowledge of the following:PCI and SOX requirements are a mustFrameworks such as CIS, NIST CSF
Proven experience (5+ years) within Information Security or Security OperationsDemonstrated knowledge of security technologies, including firewalls, intrusion detection/prevention systems, SIEM, endpoint protection, AV, and vulnerability management toolsExperience managing all aspects of a Security Operations Center (SOC), including incident response, threat hunting, and security monitoringFamiliarity with cloud security concepts and technologies (e.g. AWS, Azure)Strong problem-solving and analytical abilities, with a keen attention to detailExcellent communication skills, with the ability to collaborate effectively with stakeholders at all levels of the organizationMust be strong at working as part of a team and independently as requiredAbility to prioritize workload based on business needsAbility to travel and attend relevant security conferences and trainingsAs part of being a Marcus Corporation associate, you will receive amazing benefits including:Discounts at Marcus Hotels & Resorts properties for hotel rooms, cafes, and restaurants - not to mention, great deals on golf, ski and spaMovie discounts at Marcus Theatres401k matchHealth dental and vision insurance, company-paid life insurance, employee assistance programAbility to grow your careerAnd more!Marcus Corporation is an Equal Opportunity Employer
As a Senior Security Analyst, you will play a pivotal role in protecting The Marcus Corporation from cyber threats and vulnerabilities. Leveraging your extensive experience in cybersecurity, you will be responsible for all aspects of security operations, including analyzing, monitoring, and responding to security incidents and implementing proactive measures to mitigate risks. Additionally, you will collaborate with cross-functional teams to develop and implement security controls, procedures, and best practices.Work location: In person
What you will be
doing:Manage all aspects of daily security operations and serve as the primary escalation point. Key functions to include:
Ensure accurate configuration and alert settings in all security and log management systems such as SIEM, FIM, AV, EDR, WAF, ESG, patch management, asset inventory, and other third-party systemsMonitor and investigate security incidents, conduct forensic analysis when necessary, and ensure appropriate response and resolution in a timely mannerDevelop and maintain documentation, including monitoring standards, daily procedures, runbooks, and incident response planProvide technology recommendationsGenerate monthly reporting and statistics of program effectivenessProvide after-hours and escalation support
Conduct regular vulnerability assessments to identify vulnerabilities within the infrastructure and potential misconfigurations
Develop remediation plans and coordinate with applicable teams
Stay current with the latest trends, threats, and technologies in information security, and provide recommendations for enhancements to the company's security postureCoordinate the annual attack and penetration tests performed by a third party and manage the remediation effortsDesign and manage the deployment of security controls, technologies, and countermeasures to prevent and mitigate security incidentsAnalyze metrics around utilization and capacity and recommend changes as necessaryProvide guidance and support to business units in implementing security controls and best practicesAssist the business in achieving compliance certifications (SOX, PCI). This will include quarterly internal-audit functionsEnsure compliance with applicable laws, regulations, and industry standardsDevelop and deliver security awareness and training programs to educate employees on security policies, procedures, and best practicesMaintain internal incident response procedures and serve as the incident response leadManage internal audits of security tools and supporting systems, ensuring timely completion and accuracyTrain staff on information security proceduresParticipate and leverage resources available within industry groups such as the RH-ISAC or NATOWhat we are looking for:Excellent knowledge of the following:PCI and SOX requirements are a mustFrameworks such as CIS, NIST CSF
Proven experience (5+ years) within Information Security or Security OperationsDemonstrated knowledge of security technologies, including firewalls, intrusion detection/prevention systems, SIEM, endpoint protection, AV, and vulnerability management toolsExperience managing all aspects of a Security Operations Center (SOC), including incident response, threat hunting, and security monitoringFamiliarity with cloud security concepts and technologies (e.g. AWS, Azure)Strong problem-solving and analytical abilities, with a keen attention to detailExcellent communication skills, with the ability to collaborate effectively with stakeholders at all levels of the organizationMust be strong at working as part of a team and independently as requiredAbility to prioritize workload based on business needsAbility to travel and attend relevant security conferences and trainingsAs part of being a Marcus Corporation associate, you will receive amazing benefits including:Discounts at Marcus Hotels & Resorts properties for hotel rooms, cafes, and restaurants - not to mention, great deals on golf, ski and spaMovie discounts at Marcus Theatres401k matchHealth dental and vision insurance, company-paid life insurance, employee assistance programAbility to grow your careerAnd more!Marcus Corporation is an Equal Opportunity Employer