Manager - IT Governance, Risk & Compliance in Las Vegas, NV at Wynn Careers

Date Posted: 8/15/2022

Job Description

The Manager – IT GRC (Governance, Risk, and Compliance) is responsible for managing and maturing the Information Technology governance, risk, and compliance operations of Wynn Resorts North America through management of direct reports and collaboration with staff from Information Technology, Compliance, Legal & Privacy, and Internal Audit. Reporting to the Executive Director of Information Security, this role will be key in growing the existing compliance team into the newly restructured GRC program. The GRC team supports one of the four pillars of Information Security under the Chief Information Security Officer; the others are Architecture & Engineering, Incident Response, and Identity & Access Management.

Job Responsibilities

  • Understand and enforce all applicable regulatory requirements and artifacts for control requirements, including but not limited to SOX, PCI-DSS, and jurisdiction-specific Minimum Internal Control Standards (MICS).
  • Act as the liaison for regulatory third-party assessors including relevant Gaming Control Boards and PCI-DSS assessors.
  • Improve and maintain custom frameworks for tracking regulatory compliance requirements to audit artifacts, including defined procedures for each artifact with an associated calendar of due dates.
  • Collaborate with peers and leaders across the organization to ensure enterprise compliance requirements are maintained, enforced, and operationalized.
  • Improve and maintain a comprehensive policy library, tying IT procedures, guidelines, and standards to approved company policy. Manage and socialize documentation of standard operating procedures for IT.
  • Improve and maintain the application inventory system as the source of record for approved business applications. Define and govern application ownership and assignment of application-specific responsibilities through written guidelines such as a RACI matrix.
  • Redefine the asset classification structure. Build procedures for assets and license inventory and coordinate the activities of the asset management team to execute.
  • Manage the technical risk registry and related compensating controls under guidance from Information Security leadership.
  • Manage and maintain corporate compliance for the patch management process through assessment and reporting of system vulnerabilities. Track operational remediation efforts against defined Service Level Agreements (SLAs).
  • Lead and optimize the weekly Production Change Request (PCR) process to improve quality and accountability of system changes.
  • Lead both manual and automation efforts to ensure systems for both employees and vendors adhere to the least privilege model of role-based access.
  • Oversee all training for IT GRC across IT and various business units.
  • Where necessary, supervise recruitment, development, retention, and organization of system staff in accordance with corporate budgetary objectives and personnel policies.
  • Develop metrics for the department and opportunities for improvement.
  • Other duties as assigned.

Job Requirements

  • College diploma or university degree in computer science or IT management and/or 7 years of equivalent work experience. A minimum of 5 years of IT compliance experience.
  • Exceptional ability to create, lead creation of, and manage technically precise documentation, with patience to give and receive feedback to make iterative improvements over time.
  • High level of personal integrity and ability to show an appropriate level of judgment and maturity.
  • Excellent written and oral communication and presentation skills for leadership, technical, and business audiences.
  • General ability to pull data from database tables, database views, application sources, and other data stores for the purpose of compliance reporting.
  • Poise and ability to act calmly and competently in high-pressure, high-stress situations.
  • Must be a critical thinker with strong problem-solving skills.
  • Detail-oriented, self-motivated, and disciplined, with excellent time management skills.
  • Working technical knowledge of systems including servers, racks, storage, appliances, and monitoring tools.
  • Strong understanding of IT regulations and ordinances.
  • Proven experience in planning, organizing, and developing IT compliance initiatives.
  • Excellent understanding of project management principles.
  • Audit or accounting background is a plus.
  • Working knowledge of all state, local, federal, and gaming laws & regulations.
  • Strong consideration given for compliance-related certifications or training, specifically one or more of the following: CISA, CISM, CRISC, PCI-ISA, PCI-QSA, CSOE, CRCM, Splunk Searching and Reporting.

Wynn Resorts is an equal opportunity employer committed to hiring a diverse workforce and sustaining an inclusive culture. Wynn Resorts does not discriminate on the basis of disability, veteran status or any other basis protected under federal, state or local laws.
