IT Security Engineer

Job Location: Catawba Two Kings Casino - Kings Mountain, NC 28086
Position Type: Full Time
Job Category: Information Technology

Catawba Two Kings Casino is seeking a skilled Security Engineer to join our IT team at a premier casino with a hotel amenity in Kings Mountain, NC. This role is essential in supporting and maintaining a robust cybersecurity infrastructure to protect gaming operations, guest data, and financial transactions, with a strong focus on data security, Payment Card Industry Data Security Standards (PCI DSS) compliance, and identity-based network access.

The ideal candidate will implement and manage security platforms, including EDR, firewalls, network segmentation tools, and Net Flow, while collaborating with our managed Security Operations Center (SOC) to ensure rapid threat detection and response. The Security Engineer will support daily security operations, contribute to improving the casino’s security posture, and ensure compliance with gaming industry regulations in a dynamic, 24/7 environment.

• Security Infrastructure Support: Implement and maintain security solutions including but not limited to EDR, firewalls, advanced network segmentation, Net Flow, and identity-based network access to protect gaming systems, guest data, and financial transactions, ensuring alignment with PCI DSS requirements.
• Identity-Based Network Administration: Support identity-based network access control, configuring policies for user and device authentication, authorization, and accounting (AAA), and assisting with endpoint posture assessments to ensure compliance with security standards.
• Data Security and PCI Compliance: Support the implementation of data encryption standards, access controls, secure data transmission protocols, and network segmentation to protect sensitive information, including payment card data. Assist in maintaining PCI DSS compliance through audits and remediation activities.
• Incident Monitoring and Response: Monitor security events and assist the managed SOC in responding to incidents promptly, leveraging security tools for threat detection and mitigation. Support integration of identity-based tools with SOC tools for threat intelligence and access log sharing.
• Security Assessments: Conduct vulnerability scans, support security audits, and assist in identifying and mitigating risks affecting gaming integrity, financial systems, and guest data.
• Compliance Support: Assist in ensuring compliance with gaming industry regulations, including PCI DSS, Gaming Laboratories International (GLI) standards, and state-specific requirements. Support PCI DSS audits by maintaining accurate documentation and assisting with compliance activities.
• Incident Response Support: Assist in executing incident response plans for data breaches, supporting containment, eradication, and recovery efforts while adhering to legal and regulatory notification requirements.
• System Integration: Collaborate with IT, gaming operations, and other departments to integrate security solutions with critical systems, such as point-of-sale and guest management platforms, ensuring secure handling of payment transactions.
• Third-Party Risk Support: Assist in assessing third-party vendors, such as payment processors, to ensure compliance with the casino’s security and PCI DSS standards.
• Security Awareness Training: Support the development and delivery of security awareness training programs to educate staff on data security best practices and compliance requirements.
• Threat Intelligence: Stay informed on emerging cybersecurity threats and support the implementation of recommended improvements to strengthen defenses.
• Documentation: Maintain accurate documentation of security configurations, incident response procedures, and compliance activities for auditing and regulatory purposes.
• Guest and IoT Device Management: Support identity-based network access configurations for secure guest access and management of IoT devices, such as gaming machines and ATMs, ensuring network separation and compliance.
• On-Call Support: Be available for on-call duties to address critical security incidents outside regular…