IT Security & Compliance Manager
Mô tả công việc
The IT Security & Compliance Manager plays a critical role in protecting the organization’s information systems, data, and digital assets for casino and hotel operations. The position requires full responsibility for building strong cybersecurity frameworks and keeping the organization compliant with regulatory and industry standards and security awareness throughout the organization. The position demands active leadership to handle risks and incidents while making IT security match business goals within the fast- paced hospitality and gaming environment.
Key Responsibilities:
Security Strategy & Governance:
Establish and update security policies, procedures, and standards to mitigate risks and ensure compliance.
Develop, implement, and maintain a comprehensive IT security strategy tailored to casino and hotel operations.
Lead incident response, including investigation, containment, and remediation of security breaches.
Monitor networks, systems, and applications for vulnerabilities, threats, and security incidents using advanced tools (e.g., SIEM, IDS/IPS).
Compliance & Risk Management:
Perform third- party vendor risk assessments to ensure compliance with organizational security standards.
Ensure compliance with regulations and standards such as GDPR, PCI- DSS, ISO 27001, and local gaming and hospitality data protection laws.
Conduct regular security risk assessments, penetration tests, and vulnerability scans to identify and address weaknesses.
System & Data Protection:
Collaborate with IT teams to integrate security- by- design principles into systems, applications, and cloud environments (AWS, Azure, GCP).
Oversee identity and access management (IAM), encryption protocols, and data loss prevention (DLP) measures.
Training & Awareness:
Design and deliver cybersecurity awareness programs for employees, emphasizing risks specific to the casino and hotel industry (e.g., payment fraud, guest data protection).
Reporting & Communication:
Provide regular reports on security posture, incidents, and compliance status to senior leadership and stakeholders.
Communicate effectively with cross- functional teams to align security initiatives with business goals.
Innovation & Continuous Improvement:
Drive continuous improvement of security processes and tools to enhance resilience.
Stay abreast of emerging cybersecurity threats, trends, and technologies, particularly in the hospitality and gaming sectors.
Reporting Structure:
Collaborates with IT, operations, legal, and compliance teams.
Reports directly to the Director of IT or Chief Information Officer.
Yêu cầu công việc
Required Qualifications:
- Bachelor’s degree in Information Technology, Computer Science, Cybersecurity, or related field.
- Minimum 2 years of experience in IT security, compliance, or risk management, preferably in hospitality, gaming, or regulated industries.
- Strong expertise of cybersecurity frameworks (e.g., ISO 27001, NIST, COBIT) and compliance standards (e.g., GDPR, PCI- DSS).
- Hands- on experience with security tools such as firewalls, intrusion detection/prevention systems, SIEM, and endpoint protection.
- Proficiency in network and system administration across Windows, Linux, and cloud environments (AWS, Azure, GCP).
- Knowledge of local and international data protection regulations relevant to the casino and hotel industry.
- Exceptional problem- solving, communication, and leadership skills.
- Ability to work under pressure, manage multiple priorities, and respond to incidents in real time.
Preferable Qualifications:
Prior experience in the hospitality, gaming, or financial sectors, with an understanding of industry- specific risks (e.g., payment card security, guest data privacy).
Hands- on experience with VMware virtualization technologies (e.g., vSphere, ESXi, vCenter) for managing and optimizing enterprise IT infrastructure.
Professional certifications such as CISSP, CISM, CISA, CRISC, or ISO 27001 Lead Auditor.
Proactive, energetic, and results- driven mindset with a focus on innovation and continuous improvement.
Experience securing cloud- based infrastructures (AWS, Azure, GCP) and hybrid environments.
Quyền lợi
Employee Shuttle Service
Full salary, insurance and service charge during probation period
Salary review
Annual Leave
Duty meal
Uniform
Health checkup
Training & Development
Cập nhật gần nhất lúc: 2026-07-06 22:10:02









