Security Strategy & Governance:
- Develop, implement, and maintain a comprehensive IT security strategy tailored to casino and hotel operations.
- Establish and update security policies, procedures, and standards to mitigate risks and ensure compliance.
Threat Monitoring & Incident Response:
- Monitor networks, systems, and applications for vulnerabilities, threats, and security incidents using advanced tools (e.g., SIEM, IDS/IPS).
- Lead incident response, including investigation, containment, and remediation of security breaches.
Compliance & Risk Management:
- Conduct regular security risk assessments, penetration tests, and vulnerability scans to identify and address weaknesses.
- Ensure compliance with regulations and standards such as GDPR, PCI-DSS, ISO 27001, and local gaming and hospitality data protection laws.
- Perform third-party vendor risk assessments to ensure compliance with organizational security standards.
System & Data Protection:
- Collaborate with IT teams to integrate security-by-design principles into systems, applications, and cloud environments (AWS, Azure, GCP).
- Oversee identity and access management (IAM), encryption protocols, and data loss prevention (DLP) measures.
Training & Awareness:
- Design and deliver cybersecurity awareness programs for employees, emphasizing risks specific to the casino and hotel industry (e.g., payment fraud, guest data protection).
Reporting & Communication:
- Communicate effectively with cross-functional teams to align security initiatives with business goals.
- Provide regular reports on security posture, incidents, and compliance status to senior leadership and stakeholders.
Innovation & Continuous Improvement:
- Stay abreast of emerging cybersecurity threats, trends, and technologies, particularly in the hospitality and gaming sectors.
- Drive continuous improvement of security processes and tools to enhance resilience.
Reporting Structure:
- Reports directly to the Director of IT or Chief Information Officer.
- Collaborates with IT, operations, legal, and compliance teams.