The Senior Cybersecurity Analyst is a key member of Wynn Resorts’ Information Security Operations team, responsible for advanced threat analysis, incident response, proactive threat hunting, and continuous improvement of security controls across Wynn’s global enterprise. This role provides expert technical leadership during security events, drives strategic enhancements to detection and response capabilities, and ensures the protection of sensitive systems and data. The analyst will collaborate with cross-functional teams and contribute to the development of a resilient, compliant, and security-aware organization. Key Responsibilities Threat Detection, Triage & Analysis - Perform Level-3 triage and deep-dive investigations for advanced alerts across SIEM, EDR/XDR, email security, cloud security, network telemetry, IAM platforms, and application logs. - Lead incident intake, impact analysis, triage logic development, and event correlation across multiple data sources. - Validate, tune, and improve detection rules, thresholds, and correlation logic to minimize false positives and maximize visibility. - Identify root causes, attack paths, indicators of compromise (IOCs), and technique-level behaviors aligned to the MITRE ATT&CK framework. Incident Response & Coordination - Lead security incidents from detection through containment, eradication, and recovery. - Coordinate with IT, Network, Cloud, Database, Legal, Compliance, and leadership teams to drive timely remediation. - Produce executive-level incident summaries, detailed technical analysis reports, and lessons-learned documentation. - Participate in on-call escalation rotation for high-severity events. Threat Hunting & Proactive Security - Conduct proactive threat-hunting exercises across endpoints, identities, network flows, and cloud activity logs. - Develop hypotheses, test scenarios, evaluate anomalous behavior, and uncover unknown or sophisticated threats. - Advance behavioral detection by identifying emerging attacker techniques relevant to Wynn’s environment. Security Architecture, Engineering & Controls - Partner with engineering teams to enhance SIEM/EDR configurations, detection content, dashboards, and automated response playbooks. - Design and implement enterprise-wide security controls and frameworks. - Support secure development practices and architecture reviews. - Validate the effectiveness of existing controls, including EDR configuration, firewall rules, IAM policies, and DLP systems. Risk Management, Compliance & Governance - Conduct risk assessments, vulnerability management, and penetration testing. - Ensure compliance with relevant frameworks (NIST, ISO 27001, PCI DSS, HIPAA) and regulatory requirements. - Develop and maintain SOC runbooks, IR playbooks, and security procedures. - Create metrics, KPIs, and after-action reports for continuous improvement. Security Awareness & Training - Lead or support security awareness and training programs for staff. - Mentor junior SOC analysts and assist with onboarding, cross-training, and knowledge sharing. Scripting & Automation - Develop and maintain scripts and automation for security operations (Python, PowerShell, etc.). - Support the integration of security tools and automation workflows. Other Duties as Assigned - Support security projects, tool deployments, audits, and assessments. ## Qualifications Qualifications - Bachelor’s degree in information security, Computer Science, or equivalent work experience. - 5–10 years of hands-on experience in SOC operations, incident response, threat analysis, digital forensics, or similar security functions. - Deep understanding of SIEM platforms, EDR/XDR tools, identity systems, email security, network and firewall logging, and cloud security concepts. - Strong familiarity with MITRE ATT&CK, cyber kill chain, and threat-actor TTPs. - Experience with risk management, vulnerability assessment, penetration testing, and compliance frameworks (NIST, ISO 27001, PCI DSS, HIPAA). - Proficiency in scripting and automation (Python, PowerShell). - Excellent written and verbal communication skills, including executive-ready reporting. - Strong analytical, problem-solving, and leadership skills. Preferred - Experience in hospitality, gaming, or 24/7 enterprise environments. - Certifications such as CISSP, CISM, Security+, CySA+, GCIA, GCIH, CEH, or similar. - Experience with threat intelligence platforms, YARA/Sigma detections, or automated SOAR workflows. - Familiarity with data classification, DLP controls, and data movement monitoring. - Understanding of forensic principles, memory/disk analysis, or malware behavior. Why Join Wynn Resorts? You’ll join a dedicated team protecting one of the world’s premier resorts and gaming operations. This role offers a unique opportunity to build deep SOC and incident-response expertise in a dynamic, high-stakes environment, with hands-on responsibilities across the full incident lifecycle. ## Additional Information Wynn Resorts is an equal opportunity employer committed to hiring a diverse workforce and sustaining an inclusive culture. Wynn Resorts does not discriminate on the basis of disability, veteran status or any other basis protected under federal, state or local laws.