Analyst - InfoSec GRC Job at Wynn Las Vegas, Las Vegas, NV

N3J4Z05ONHhabWJRNUozQlkvU3lRbDRmRVE9PQ==
  • Wynn Las Vegas
  • Las Vegas, NV

Job Description

Job Description

Job Description

Job Description

The Analyst – InfoSec GRC (Governance, Risk, and Compliance) is the primary resource supporting the objectives of the GRC team for Wynn Resorts North America.

This role performs control testing procedures as part of the InfoSec GRC team of analysts, organizes supporting documentation including architecture diagrams, data flow diagrams, vendor documentation, etc. to demonstrate effectiveness to internal and external auditors.

This role will be key in supporting the GRC program, reporting to the Supervisor – IT GRC, and the Manager – IT GRC, with general direction from the VP of Information Security and CISO and Executive Director of Information Security Engineering.

The GRC team supports one of the five pillars of Information Security under the Chief Information Security Officer; the others are Architecture & Engineering, Incident Response, Identity & Access Management, and Data Security.

Job Responsibilities

  • Ensuring and monitoring compliance with industry and government rules and regulations at all levels to support effective and auditable compliance to applicable industry standard and regulations (SOX, PCI, MICS, NIST, HIPAA, etc.)
  • Review and continuously improve written compliance audit and due diligence procedures for execution by various technical and non-technical staff, including other GRC analysts, internal auditors, and IT staff.
  • Understand and enforce all applicable regulatory requirements and artifacts for control requirements, including but not limited to SOX, PCI-DSS, NIST, and jurisdictional specific Minimum Internal Control Standards (MICS).
  • Support tasks and compliance monitoring of all systems where GRC is the business stakeholder, including tools used for audit automation, asset management, application inventory, change management, and vulnerability management.
  • Evaluates risks and develops security standards, procedures, and controls to manage risks. Improves security positioning through process improvement, policy, automation, and the continuous evolution of capabilities.
  • Share information with managers to avoid surprises, draw attention to problems, and guarantee delivery on time.
  • Identify, evaluate, recommend, and implement technical improvements to mitigate control failures and gaps for stakeholders.
  • Conducts periodic reviews of audits to optimize audit procedures and technical artifacts. Support SOC 2 and global compliance audits.
  • Collaborate with peers and management in various teams to ensure enterprise technical compliance requirements are effectively operationalized. This includes assisting departments in responding to inquiries from the business departments about ongoing operational compliance.
  • Maintain and monitor a central repository for audit evidence.
  • Remain knowledgeable on current best practices and technological advancements and act as a technical resource for security assessment and regulatory compliance.
  • Participation in all training for IT GRC across IT and various business units.
  • Other duties as assigned.
Qualifications

  • Bachelor of Science degree in computer science or similar discipline and/or a minimum of two (2) years of equivalent work experience.
  • A minimum of two (2) Years of applied work experience in audits, assessments, risk, remediation, cyber security programs, or cyber security compliance management.

Requirements

  • Strong consideration given for compliance related certification or trainings, specifically with one or more of the following certifications or training: CISA, PCI-ISA, Splunk Searching and Reporting
  • Working knowledge of Information technology systems at the application, data, operating system, virtualization, storage, and networking layers is a plus. Willingness to obtain this knowledge is a must
  • Troubleshooting and operating a computer and various software packages. Knowledge of GRC tool techniques is a plus
  • Comprehend technical language and to confer, analyze and write in an objective, lucid manner
  • Knowledge of applicable information security management, governance, and compliance principles, practices, laws, rules, and regulations.
  • Defining problems, collecting, and analyzing data, establishing facts, and drawing valid conclusions
  • General ability to pull data from database tables, database views, application sources, and other data stores for compliance reporting
  • Familiarity with state, local, federal, and gaming laws & regulations, as well as risk assessment and management methodology
  • Using judgment and ingenuity in maintaining objectives and technical standards
  • Ability to apply a risk-based approach to planning, executing, and reporting on audit engagements and auditing process
  • Effectively translate industry regulations, standards, and internal controls to all audience types, including non-technical stakeholders and highly technical IT engineers and architects
  • Excellent ability to collaborate with other teams with alternative or conflicting areas of focus
  • Poise and ability to act calmly and competently in high-pressure, high-stress situations
  • Work independently and prioritize multiple tasks and adapt to needed changes
  • Must be a critical thinker with strong problem-solving skills
  • Remain calm under high pressure/difficult situations
  • Maintaining confidentiality
  • Visa Sponsorship is not available for this position

Additional Information

Wynn Resorts is an equal opportunity employer committed to hiring a diverse workforce and sustaining an inclusive culture. Wynn Resorts does not discriminate on the basis of disability, veteran status or any other basis protected under federal, state or local laws.

Job Tags

Work experience placement, Local area,

Similar Jobs

Botanic

Landscaper Job at Botanic

 ...growth Remove weeds and dead plants Monitor and maintain plant health Trim overgrown limbs, hedges, and leaves Uphold the landscaping design and ensure plant growth Plant new decorative bushes, flowers, plants, and shrubs Participate in maintenance repairs... 

The Free Press MEDIA

Newspaper Delivery Job at The Free Press MEDIA

 ...Looking to make a little extra CASH? We are looking for part-time independent contractors to deliver newspapers for The Free Press! Perfect for a stay-at-home parent, retired person, college student, or anyone who wants to work just a few hours a day Tuesday-Sunday.... 

Randstad

Warehouse Cherry Picker> Job at Randstad

 ...Randstad - [Warehouse / Forklift / Material Handler] Randstad is currently seeking Cherry Pick positions to join our local, established client. We have long-term and...  ...available. Job requires operating a cherry picker, putting away product from the day, picking and pulling... 

BJC HealthCare

Dialysis Registered Nurse - Part Time Job at BJC HealthCare

 ...Benefits Eligible The BJC Registered Nurse Career Ladder differentiates BJC as the place...  ...Credentialing Center. The Acute Dialysis Unit at Barnes-Jewish Hospital provides the...  ...machines that enable dialysis RNs to travel throughout the hospital and provide dialysis... 

Fisher Investments

Digital Workplace Manager Job at Fisher Investments

 ...innovation at a growing firm? Do you enjoy leading highly technical teams and working to create strategic solutions? If so, our Digital Workplace Manager role may be the right fit for you! The Opportunity: Fisher Investments is looking for a Digital Workplace...