Wynn Resorts - Las Vegas, NV

posted 5 months ago

Full-time
Las Vegas, NV
Accommodation

About the position

The Analyst - InfoSec GRC (Governance, Risk, and Compliance) is a pivotal role within the Wynn Resorts North America team, primarily focused on supporting the objectives of the GRC team. This position is responsible for performing control testing procedures and organizing essential documentation such as architecture diagrams, data flow diagrams, and vendor documentation to demonstrate compliance effectiveness to both internal and external auditors. The Analyst will play a crucial role in supporting the GRC program, reporting directly to the Supervisor - IT GRC and the Manager - IT GRC, while also receiving general direction from the VP of Information Security, CISO, and Executive Director of Information Security Engineering. The GRC team is one of the five pillars of Information Security under the Chief Information Security Officer, alongside Architecture & Engineering, Incident Response, Identity & Access Management, and Data Security. The Analyst will ensure compliance with industry and government regulations, continuously improve compliance audit procedures, and support compliance monitoring across various systems. This role requires collaboration with peers and management to operationalize technical compliance requirements effectively, maintain a central repository for audit evidence, and stay updated on best practices and technological advancements in the field. The Analyst will also evaluate risks, develop security standards, and improve security positioning through process enhancements and automation. This position demands a strong understanding of regulatory requirements, the ability to communicate effectively with both technical and non-technical stakeholders, and a commitment to maintaining confidentiality and professionalism in high-pressure situations.

Responsibilities

  • Perform control testing procedures as part of the InfoSec GRC team.
  • Organize supporting documentation including architecture diagrams, data flow diagrams, and vendor documentation.
  • Ensure and monitor compliance with industry and government rules and regulations.
  • Review and improve written compliance audit and due diligence procedures.
  • Support compliance monitoring of all systems where GRC is the business stakeholder.
  • Share information with managers to avoid surprises and ensure timely delivery.
  • Identify, evaluate, recommend, and implement technical improvements to mitigate control failures.
  • Conduct periodic reviews of audits to optimize audit procedures and technical artifacts.
  • Support SOC 2 and global compliance audits.
  • Collaborate with peers and management to ensure enterprise technical compliance requirements are operationalized.
  • Maintain and monitor a central repository for audit evidence.
  • Remain knowledgeable on current best practices and technological advancements.
  • Participate in training for IT GRC across IT and various business units.
  • Evaluate risks and develop security standards, procedures, and controls.
  • Improve security positioning through process improvement, policy, and automation.

Requirements

  • College diploma or university degree in computer science or related discipline.
  • 2 years of equivalent work experience in audits, assessments, risk, remediation, or cyber security compliance management.
  • Experience in compliance with industry standards such as SOX, PCI, MICS, NIST, and HIPAA.
  • Ability to work independently and prioritize multiple tasks.
  • Strong analytical skills to define problems, collect and analyze data, and draw valid conclusions.
  • Excellent communication skills to translate regulations and standards to various audiences.
  • Knowledge of GRC tool techniques is a plus.
  • Familiarity with information security management principles and practices.

Nice-to-haves

  • Compliance-related certification or training such as CISA, PCI-ISA, or Splunk Searching and Reporting.
  • Working knowledge of Information Technology systems at various layers including application, data, and networking.
  • Experience in troubleshooting and operating various software packages.

Benefits

  • Equal opportunity employer committed to hiring a diverse workforce.
  • Inclusive culture that does not discriminate based on disability or veteran status.