Senior Cyber Security Engineer
CEC Entertainment, the global leader in family entertainment and operator of Chuck E. Cheese and Peter Piper Pizza restaurants, is seeking a Senior Cyber Security Engineer. This great opportunity will be based at our Corporate Support Center in Irving, TX and report to the Director, Information Security & Cyber Risk.
The Senior Cyber Security Engineer is a key person assisting in defining and building technical and business requirements for data protection to reduce cyber threats. This role is key in defining and developing processes and policies for: conducting periodic data security audits and developing plans around remediating findings from an internal audit team.
ESSENTIAL JOB FUNCTIONS:
- Identify and evaluate security gaps and will help to create security project plans on data protection strategies, architectures and implementation.
- Engage with IT and business leaders, on security matters ranging from policy and governance to security operations. Provide all administrative and tracking actions/collaboration activities regarding the Information Security Office interface with Business Unit Information Security Officers. Lead and ensure coordination and consensus with Business Unit teams to align processes and procedures to ensure common approach to security, audit and compliance activities.
- Lead the efforts to develop metrics and controls for demonstrating the effectiveness and value of security tools.
- Ensure all processes and accesses are in line with corporate policies. Supported the internal and external audits.
- Identify weak links in information security products and determine how to mitigate the control deficiencies.
- Maintain familiarity with industry trends and current security practices.
- Demonstrate ability to manage complex projects in an effective manner. This includes the ability to prepare detailed task plans outlining all requirements to complete the given assignment.
- Evaluate business process and application software, which effect the integrity, functionality, and reliability of the network and systems.
- Develop, enhance and operationalize policies & procedures to implement data protection controls and meet necessary regulatory/privacy requirements.
- Define strategy and execute roadmap to address all data protection requirements such as access/audit controls, anonymization / de-identification, encryption, retention and residency, within product and corporate roadmaps.
- Continually evaluate, evolve and implement tools, frameworks and methods to meet personal data protection needs.
- Evaluate frameworks and tools and drive the strategy and implementation of privacy preserving usage, analytics and machine learning.
- Lead any incident response related to data security.
- Monitor technology/automated processes to manage Data Subject Rights such as right to know and right to delete personal data and ensure they are kept up to date as our platform evolves and new data is added.
- Identify and assess data protection related risks including conducting security & privacy assessments using standards-based controls and providing mitigation guidance to the business teams.
- Partner with stakeholders such as product, engineering, sales and legal as part of execution and program enhancement.
- Develop and evangelize a security & privacy by-design mindset across the product and engineering organization to embed the same into the software development lifecycle.
- Create collateral and deliver privacy and personal data protection awareness/education/training to all employees, contractors, vendors.
- As the SME and authority on data protection you will mentor and provide guidance to other members of the team.
- Bachelor’s degree in Information Security, Computer Science or related field or equivalent work experience.
- Industry certifications such as CISSP, CISA, etc.
- Minimum of 10+ years of experience, with at least 4+ years implementing data protection and privacy requirements.
- Knowledge of server and desktop operating systems, specifically MS Server 2012 and 2016 and Windows 10.
- Knowledge of various security components including firewalls, IDS/IPS, ERD, UBA and SIEM solutions.
- Knowledge of securing cloud-based applications. Capacity to understand CEC’s application portfolio as well as how the different systems contribute to daily business operations.
- Detailed knowledge of major database platforms such as Microsoft SQLSERVER, MySQL, etc.
- Strong knowledge of data privacy regulations such as GDPR, CCPA etc.
- Experience with data protection and cyber security framework policies, processes and controls; such as: NIST CSF, ISO27001, SOC2, CIS, etc.
- Strong understanding of data security & privacy challenges in cloud environments such as AWS and Azure and expertise in developing and securing solutions in the cloud.
- Strong communication, written, presentation and interpersonal skills.
- Proven ability to work unsupervised, exercise leadership, and influence change
To perform the duties of this position, the incumbent must have the ability to sit, walk, stand, bend, twist, reach, and carry, lift, pull, push between 1 – 25 lbs. Incumbent must use a computer, with repetitive movement of both hands. Incumbent must be able to work an 8-hour shift, with some overtime. Incumbent must also be available to travel internationally to various locations by airplane or by operating a vehicle if needed.
For 40 years, CEC Entertainment has proudly served as the nationally recognized leader in family dining and entertainment and the place Where A Kid Can Be A Kid®. As the award-winning, number-one, kid-friendly restaurant for millions of families across the world, the company and its franchisees operate a system of more than 600 Chuck E. Cheese stores located in 47 states and 16 foreign countries and territories, and a system of more than 120 Peter Piper Pizza franchise and company-owned locations. More than 17,000 employees are dedicated to ensuring Every Guest Leaves Happy!
CEC Entertainment offers a wide variety of benefits including medical, dental, vision, life, disability and 401(k) retirement savings plan to eligible U.S. employees as part of their overall employment package. We also offer job training and career growth opportunities. We also offer a Work Today, Get Paid Tomorrow program.
* * *
At CEC Entertainment, we believe that our workforce should reflect the diverse backgrounds, experiences and perspectives of the many guests we serve. As an Equal Opportunity Employer, we do not discriminate against applicants due to race, ancestry, color, genetics, gender identity, gender expression, sexual orientation, national origin, religion, age, physical or mental disability, pregnancy, veteran status, or on the basis of any other federal, state or local protected class.