IT Security & Compliance Manager

Key Responsibilities:

1. Security Strategy & Governance:

o Develop, implement, and maintain a comprehensive IT security strategy tailored to casino and hotel operations.

o Establish and update security policies, procedures, and standards to mitigate risks and ensure compliance.

2. Threat Monitoring & Incident Response:

o Monitor networks, systems, and applications for vulnerabilities, threats, and security incidents using advanced tools (e.g., SIEM, IDS/IPS).

o Lead incident response, including investigation, containment, and remediation of security breaches.

3 Compliance & Risk Management:

o Conduct regular security risk assessments, penetration tests, and vulnerability scans to identify and address weaknesses.

o Ensure compliance with regulations and standards such as GDPR, PCI-DSS, ISO 27001, and local gaming and hospitality data protection laws.

o Perform third-party vendor risk assessments to ensure compliance with organizational security standards.

4 System & Data Protection:

o Oversee identity and access management (IAM), encryption protocols, and data loss prevention (DLP) measures.

o Collaborate with IT teams to integrate security-by-design principles into systems, applications, and cloud environments (AWS, Azure, GCP).

5 Training & Awareness:

o Design and deliver cybersecurity awareness programs for employees, emphasizing risks specific to the casino and hotel industry (e.g., payment fraud, guest data protection).

6 Reporting & Communication:

o Provide regular reports on security posture, incidents, and compliance status to senior leadership and stakeholders.

o Communicate effectively with cross-functional teams to align security initiatives with business goals.

7 Innovation & Continuous Improvement:

o Stay abreast of emerging cybersecurity threats, trends, and technologies, particularly in the hospitality and gaming sectors.

o Drive continuous improvement of security processes and tools to enhance resilience.

Reporting Structure:

• Reports directly to the Director of IT or Chief Information Officer.

• Collaborates with IT, operations, legal, and compliance teams.

Required Qualifications:

• Bachelor’s degree in Information Technology, Computer Science, Cybersecurity, or related field.

• Minimum 2 years of experience in IT security, compliance, or risk management, preferably in hospitality, gaming, or regulated industries.

• Strong expertise of cybersecurity frameworks (e.g., ISO 27001, NIST, COBIT) and compliance standards (e.g., GDPR, PCI-DSS).

• Hands-on experience with security tools such as firewalls, intrusion detection/prevention systems, SIEM, and endpoint protection.

• Proficiency in network and system administration across Windows, Linux, and cloud environments (AWS, Azure, GCP).

• Knowledge of local and international data protection regulations relevant to the casino and hotel industry.

• Exceptional problem-solving, communication, and leadership skills.

• Ability to work under pressure, manage multiple priorities, and respond to incidents in real time.

Preferable Qualifications:

• Professional certifications such as CISSP, CISM, CISA, CRISC, or ISO 27001 Lead Auditor.

• Experience securing cloud-based infrastructures (AWS, Azure, GCP) and hybrid environments.

• Hands-on experience with VMware virtualization technologies (e.g., vSphere, ESXi, vCenter) for managing and optimizing enterprise IT infrastructure.

• Prior experience in the hospitality, gaming, or financial sectors, with an understanding of industry-specific risks (e.g., payment card security, guest data privacy).

• Proactive, energetic, and results-driven mindset with a focus on innovation and continuous improvement.