Last Updated: 2019/05/03
Company: Casino Resorts
Industry: Hotel Industry
Participate in all technical and control submissions to the appropriate parties; develop Governance, Risk and Compliance (GRC) strategic metrics that can provide the Resort a picture of its IT compliance and risk posture.
Oversee accurate GRC records and the reporting of daily and monthly updates for Executive Management; develop, evolve and promote technology ‘best practice’ compliance and risk standards; maintain the daily operations of GRC tasks.
Collaborate with Digital and Technology Solutions and Internal/External Audit teams to ensure compliance with controls; oversee audit reviews to ensure best practices are integrated into all environments.
Work with internal/external auditors to provide information with regard to IT devices, procedures, policies, processes and risk assessments; coordinate and facilitate annual testing with internal and external auditors.
Responsibilities include facilitation of Gaming, Sarbanes-Oxley (SOX), Payment Card Industry (PCI), and privacy information compliance efforts; understand and champion Digital and Technology Solutions controls related to PCI requirements.
Review all technical and control submission packages against the specifications of each jurisdiction according to internal company procedures; coordinate responses to proposed changes to technical standards or regulations.
Provide advice and assistance in the development of documented internal controls pertaining to Digital & Technology Solutions to support the Governance Manager; establish procedures and lead efforts on controls and processes. Work closely with Security Operations to support vulnerability prioritization and close gaps.
Understand and champion Digital and Technology Solutions controls related to Sarbanes-Oxley Section 404 requirements; develop and manage a system that ensures Digital and Technology Solutions areas are informed about SOX requirements and are using best practices.
Bachelor's degree in Accounting & Audit, Business Administration or IT-related disciplines.
Minimum 8 years of work experience in IT audit, compliance-related roles, or any IT-related functions.
Information Security experience is preferred.
CIA, CGEIT, CRISC, CISA, CISM or any audit/security-related certification. CRISC advantageous.
Demonstrated proficiency in audits; experience or exposure working with auditors.