Governance Risk & Compliance Analyst, Information Security – Limassol

Job Overview

  • Qualifications Bachelor Degree
  • Industry Casino
  • Experience 3 Years

POSITION SUMMARY:

As a Governance Risk & Compliance Analyst, Information Security you will be responsible for the implementation and overall operation of Information Security. This includes the assistance in the development and implementation of comprehensive information security control, user education and training, compliance, incident response and security risk management

PRIMARY RESPONSIBILITIES:

  • Enforces Melco Information Security Policy based on industrial standards (e.g. ISO27001, NIST, PCI) and best practices across all Melco properties and locations
  • Develops and oversees security control systems to prevent or deal with violation of Information Security
  • Reviews and revises Information Security policies, procedures, standards, and checklists periodically
    to ensure compliance to the latest standards and best practices
  • Coordinates and supports an information security awareness program to deliver risk communication,
    awareness and training for audiences, which may range from senior leaders to field staff
  • Coordinates and supports external audit activities; performs annual internal audit in conjunction with internal policy, regulations, and governance.  Ensures audit findings are remediated and take corrective action
  • Reviews change/service request tickets in ticketing system within agreed SLA
  • Participates in evaluating, planning, and implementing of new cybersecurity technologies and systems
  • Creates, identifies, and enhances processes that may leverage new or existing technologies to improve protection or minimize risk
  • Monitors and analyses logs/alerts from SIEM and variety of cybersecurity tools, such as IPS, Anti-Virus, APT to enhance security posture
  • Monitors cloud and local environment on an ongoing basis to ensure that it remains secure and compliant with external regulations
  • Reviews firewall change requests and assesses organizational risk
  • Prepares incident reports of analysis methodology, root cause, and improvement plan
  • Remains informed on current standards, trends, and issues in the information security industry
  • Ensures cloud product (e.g. AWS, Azure) compliance with cyber-security industry frameworks
  • Assists in strategic information security planning based on industry-standard best practices to achieve
    business goals by prioritizing defense initiatives and coordinating the evaluation, deployment, and
    management of current and future information security technologies
  • Performs Risk Assessment and data privacy impact assessment (DPIA) on new systems/services
  • Supports Information Security incident and investigation activities
  • Performs Information Security Operation Calendar activities
  • Ensures findings from various security assessments i.e red team activities are remediated in timely manner

QUALIFICATIONS:

Experience

  • 3+ years of relevant experience in information security and Cyber Security
  • 2+ years of experience with security tools such as DLP, WSG, PIM/PAM, SIEM, MFA, APT solution, Vulnerability Management and End point protection
  • Experience with managing security in large organization, including implementation of security policies and procedures
  • Good knowledge of gaming, hospitality, finance, retail, and HR solutions
  • Good knowledge of Operating systems e.g. Windows, Unix, Linux
  • Good knowledge of Cloud platforms (e.g. AWS, Azure)
  • Good knowledge of application security vulnerabilities, testing techniques, and the OWASP framework.
  • Good knowledge of security frameworks and standards such as NIST, PCI-DSS, ISO 27001/ 27017 / 27018 / 27701
  • Understanding of General Data Protection Regulation (GDPR)
  • Solid understanding of network design, architecture, OSI model and TCP/IP
  • Experience with NOC/SOC and SIEM
  • Experience with incident handling and threat intelligence in a large enterprise
  • Exposure to Cloud computing
  • Security Strategic Planning and Security Risk Management
  • Knowledge of Web and application-based security
  • Knowledge of encryption, such as PKI, Kerberos, SSL

Education

  • Bachelor’s degree in Management Information System, Computer Science, or related disciplines
  • An information security or other similar technical certification such as Certified Information Systems Security Professional (CISSP), Certified in Risk and Information Systems Control (CRISC), Certified Information Systems Auditor (CISA), or Certified Information Security Manager (CISM) is highly desirable
  • Certification in Privacy (e.g. CIPP/E, CIPM, CIPT, CDPO etc) will be considered as an advantage

Skills / Competencies

  • Proven excellence in researching, organizing, writing, and presenting technical information
  • Strong analytical and inter-personal skills to communicate technical information to non-technical
    background users
  • Capacity to work independently and in a team environment, with proven leadership ability and project management skills
  • Must have excellent analytical skills and be able to multi-task
  • Ability to understand the relationship between business processes, priorities, risk and their underlying technologies and security risks
  • Ability to keep pace with a fast pace and growing company
  • Achieves agreed objectives and accepts accountability for results
  • Displays the highest level of integrity
  • Ability to maintain discretion
  • Goal oriented and ability to meet deadlines
  • Strong analytical skills/problem solving/conceptual thinking
  • Ability to think strategically and execute against a strategic plan
  • Ability to identify, analyze and address problems to resolve issues whenever possible in a way that minimizes negative impact and risk to the organization
  • Effective organizational and time management skills required

PERSONAL COMPETENCIES:

  • Displays a high commitment to delivering results
  • Communicates effectively
  • Displays the highest level of integrity
  • Ability to maintain discretion
  • Self-motivated
  • Approachable

To apply, please click here: Governance Risk & Compliance Analyst, Information Security 

Company Information
  • Total Jobs 23 Jobs
  • Category Casino

Contact Us

Subscribe and receive our latest vacancies