- Leads with IT and Internal Audit teams to ensure compliance with internal controls.
- Promotes technology “best practice” compliance standards.
- Collaborates with third party vendors, where appropriate.
- Generates and provides regular compliance reports and scorecards.
- Facilitates Gaming, Sarbanes-Oxley (SOX), Payment Card Industry (PCI), Privacy and Protected Health information compliance efforts.
- Completes the Technology Compliance Risk Assessment process for applications and systems.
- Experienced in the use of Compliance tools.
- Ability to facilitate meetings and drive agendas.
Sarbanes-Oxley Section 404:
- Plans, prepares, tests, submits and tracks technical and control submissions to the appropriate regulators.
- Accurately records and reports on the status of submissions and approvals.
- Provides timely and accurate submissions to regulators in all jurisdictions concerned. In addition, ensures that submissions are complete in both content and detail to meet regulators’ expectations.
- Works with the Nevada Gaming Control Board auditors to provide information for properties with regard to IT devices and processes.
- Reviews all technical and controls submission packages to the specifications of each jurisdiction according to internal company procedures.
- Ensures that urgent or special changes are expedited, coordinated and that the regulator is informed in accordance with requirements or internal controls.
- Provides advice and assistance to individual properties in the development of documented internal controls pertaining to Information Technology.
- Controls regulatory submission documentation.
Payment Card Industry (PCI):
- Facilitates annual testing with internal and external auditors.
- Leads and assists teams with their SOX remediation efforts.
- Manages audit reviews throughout the year to ensure best practices are integrated into all environments.
- Works with auditors to gather information for risk assessments.
- Understands IT controls related to PCI requirements.
- Assists with the remediation of items from annual QSA reviews.
- Performs other job related duties as assigned.
- At least 2 years experience in an IT Compliance or Security Risk Management position.
- Bachelor degree, plus 2 years experience in Information Technology and/or 4 years experience in Information Technology.
- Exhibit knowledge of a hospitality/gaming environment and how the business is affected by regulatory requirements.
- Knowledgeable and capable of working in a 24x7 environment.
- Provides 24x7 on-call support, as needed/
- Able to work independently with minimal supervision.
- Exhibit a sincere interest and passion to become a compliance advocate for Information Technology.
- Highly ethical and discreet with ability to maintain confidentiality.
- Excellent interpersonal telephone skills and the ability to empathize with customer’s needs, while enforcing company policies.
- Highly organized and possess excellent written and verbal communication skills.
- Display motivational attributes (self and others).
- Excellent customer service skills.
- Have interpersonal skills to deal effectively with all business contacts.
- Professional appearance and demeanor.
- Work varied shifts, including weekends and holidays.
- High School diploma or equivalent.
- Able to effectively communicate in English, in both written and oral forms.
- At least 1 year of project management experience.
- Experience or exposure in working with auditors.
- CISSP and/or CISA.
- Previous experience working in a similar resort setting.
MGM Resorts International
- 2 years ago - save job
It's not your imagination -- MGM Resorts International (formerly MGM MIRAGE) is one of the world's largest gaming firms. The...