Portfolio Business Information Security Officer

About the job

VACCINATION REQUIREMENT: MGM Resorts now requires that all new hires who do not exclusively work from home to provide proof of vaccination against COVID-19 before beginning work effective August 30, 2021 (excluding hourly employees for properties located in Michigan, Mississippi, New Jersey or Ohio).

Location:

Las Vegas, Nevada

Become one of the stars behind The SHOW and become part of the world’s most powerful entertainment brands. Our Company has one exciting mission: To entertain the human race.

Primary Purpose

The Portfolio Business Information Security Officer will collaborate with business stakeholders to understand information security needs, and will work with the Enterprise Information Security CybersecurityRisk & Compliance and IAM teams to develop solutions to meet the needs of the business. The PBISO will also coordinate with Information Security counterparts and leadership to oversee the continuous communication to the business all Information Security requirements for design, development, and implementation of Information Security policies, standards, controls, solutions, and services. This role will also be responsible for ensuring that technical products, platforms, programs, and solutions have followed MGM’s Information Security Policies and Standards as well as regulatory and internal requirements including Sarbanes-Oxley, payment card industry standards and Gaming regulations, as well as industry best practices.

Principal Duties And Responsibilities

  • Acts as the key liaison between Information Security, relevant business units, and outside vendors to understand and translate business requirements to functional and technical solutions to achieve commercial objectives
  • Owns the business relationship from the Information Security department and serves as a trusted advisor to the defined business stakeholders and systems owners ensuring business objectives, strategy, and interdependencies are well understood, documented, and communicated
  • Builds and continuously develops effective working relationships with the relevant business stakeholders to serve as a key decision maker and advisor on strategic business issues.
  • Proactively identifies information security deficiencies or opportunities for improvement and facilitates development of pragmatic solutions.
  • Monitors information security trends internal and external to the Company and keeps LOB leadership informed about information security-related trends
  • Supports creation of a technology roadmap by business unit taking into consideration security architecture, compliance, and business process design.
  • Leverages risk-based reporting to shape the risk posture and subsequently derive guidance to improve information security adoption across assigned lines of business.
  • Identifies and measure information security controls on most critical business processes or channels
  • Champions MGM’s Information Security strategy, ensuring enterprise objectives and requirements are communicated and understood by business stakeholders.
  • Maintains a strong understanding of the IT environment to manage the threat and risk landscape – application stacks, infrastructure components, and external facing footprint.
  • Coordinates information security risk assessments on internal and external services.
  • Perform other job-related duties as requested.

Minimum Requirements

  • Bachelor’s degree in Informa on Systems/Technology, Computer Science, Computer Engineering, or a related field; or equivalent work
  • Eight (8) + years’ experience in a variety of information security disciplines
  • Familiar with IT governance and compliance concepts, practices, and procedures, which includes IT General Controls, PCI-DSS, SOX and Gaming MICS (Minimal Internal Control Standards).
  • Ability to lead and prioritize in a high-pressure environment.

Preferred

  • CISSP, CISM and/or CISA highly desired.
  • Previous experience building, deploying, supporting, maintaining, troubleshooting and communicating Informa on Security solutions with business stakeholders and vendors
  • Previous experience working in a similar industry such as hospitality or gaming

CERTIFICATIONS, LICENSES, REGISTRATIONS:

  • Nevada Gaming License.
  • Any additional Gaming licenses as required

Knowledge, Skills, And Abilities

  • Proven ability to communicate technical concepts to non-technical people to enhance understanding and drive to decisions that lead to positive outcomes
  • Proven ability to collaborate, build relationships and influence individuals at all levels in a matrix-management environment (as well as external vendors and service providers) to ensure that
  • Strong organizational skills, the ability to perform under pressure and management of multiple priorities with competing demands for resources
  • Strong analytical, data processing and problem-solving skills
  • Proficiency in process formula on and continual improvement
  • Written and oral communication skills including interaction with business partners, vendors, and technical staff.
  • Demonstrated track record in the development and deployment to production of increasingly more complex solutions.
  • Knowledge of networking concepts and communication protocols.
  • Ability to organize, prioritize and delegate workload and withstand the pressure of multiple work assignments and short notice deadlines

More Information

Apply for this job

Leave your thoughts