IT Security & Compliance Manager

Position Summary
The IT Security & Compliance Manager plays a critical role in protecting the organization's information systems, data, and digital assets for casino and hotel operations. The position requires full responsibility for building strong cybersecurity frameworks and keeping the organization compliant with regulatory and industry standards and security awareness throughout the organization. The position demands active leadership to handle risks and incidents while making IT security match business goals within the fast-paced hospitality and gaming environment.
Key Responsibilities:
Security Strategy & Governance:
Develop, implement, and maintain a comprehensive IT security strategy tailored to casino and hotel operations.
Establish and update security policies, procedures, and standards to mitigate risks and ensure compliance.
Threat Monitoring & Incident Response:
Monitor networks, systems, and applications for vulnerabilities, threats, and security incidents using advanced tools (e.g., SIEM, IDS/IPS).
Lead incident response, including investigation, containment, and remediation of security breaches.
Compliance & Risk Management:
Conduct regular security risk assessments, penetration tests, and vulnerability scans to identify and address weaknesses.
Ensure compliance with regulations and standards such as GDPR, PCI-DSS, ISO 27001, and local gaming and hospitality data protection laws.
Perform third-party vendor risk assessments to ensure compliance with organizational security standards.
System & Data Protection:
Oversee identity and access management (IAM), encryption protocols, and data loss prevention (DLP) measures.
Collaborate with IT teams to integrate security-by-design principles into systems, applications, and cloud environments (AWS, Azure, GCP).
Training & Awareness:
Design and deliver cybersecurity awareness programs for employees, emphasizing risks specific to the casino and hotel industry (e.g., payment fraud, guest data protection).
Reporting & Communication:
Provide regular reports on security posture, incidents, and compliance status to senior leadership and stakeholders.
Communicate effectively with cross-functional teams to align security initiatives with business goals.
Innovation & Continuous Improvement:
Stay abreast of emerging cybersecurity threats, trends, and technologies, particularly in the hospitality and gaming sectors.
Drive continuous improvement of security processes and tools to enhance resilience.
Reporting Structure:
Reports directly to the Director of IT or Chief Information Officer.
Collaborates with IT, operations, legal, and compliance teams.