Become one of the stars behind The SHOW and become part of the world's most powerful entertainment brands. Our Company has one exciting mission: To entertain the human race.
The Director of Technology Compliance is responsible for overseeing and delivering IT audits, including but not limited to Payment Card Industry (PCI), Sarbanes-Oxley (SOX), and Minimum Internal Control Standards (MICS). This position acts as the main liaison between MGMRI IT and the Gaming Boards, and will also oversee vendor assessments to reduce overall risk to the company.
POSITION DUTIES AND RESPONSIBILITIES:
- Responsible for the IT Compliance program
- Understands and champions IT controls for SOX, PCI, Gaming and any other regulatory audits
- Creates processes and procedures for a third-party vendor assessment program.
- Oversees vendor relationship discovery and remediation, vendor access reviews and vendor information repositories
- Instills goodwill among regulators, clients, staff, vendors and stakeholders.
- Promotes technology "best practice" compliance and standards.
- Collaborates with IT and Internal Audit teams to ensure compliance with internal controls.
- Assists with the proper maintenance of changes to technical security/governance standards or regulations.
- Generates and provides regular compliance reports/scorecards to Executive Management.
- Oversees the planning, preparation, testing, submission and tracking of technical and control submissions to internal/external auditors as well as any appropriate regulators.
- Reviews all technical and control submission packages to the specifications of each jurisdiction according to internal company procedures.
- Ensures that urgent or special changes are expedited and coordinated and that regulators are informed in accordance with requirements or internal controls.
- Provides advice and assistance to individual properties in the development of documented internal controls pertaining to IT.
- Annually reviews and updates IT Internal Control Standards.
- Maintains a dossier of all property internal control and operating procedures and ensures properties update these, as required, by new regulations or product changes.
- Ensures that requests from any audit or regulatory organizations are processed and expedited accordingly.
- Coordinates and facilitates annual testing with internal and external auditors.
- Communicates SOX requirements to IT and works with areas through any remediation efforts.
- Oversees accurate records and the reporting of daily and monthly updates for Executive Management.
- Represents the Compliance department as the key representative for IT on the SOX Project managed by corporate executives.
- Works with Internal Audit to facilitate year-end audit reporting.
- Oversees audit reviews throughout the year to ensure best practices are integrated into all environments.
- Develops and manages a system that ensures IT areas are informed about SOX requirements and are using best practices.
- Understands and champions IT controls related to PCI requirements.
- Coordinates quarterly and annual testing with internal and external auditors.
- Communicates PCI requirements to IT and assists with the compliance process.
- Oversees project management of any remediation items from yearly QSA review.
- Develops and manages a system that ensures timely and accurate submissions are made to all payment card regulators. In addition, ensures that submissions are complete in content and detail to meet regulators' expectations.
- Oversees the management of requirements for the quarterly scanning process.
- Acts as a PCI advocate for all MGMRI IT communications with other departments and organizations.
- Works with Legal to understand legislative requirements for IT systems and processes.
- Champions and drives enforcement of legislative requirements for IT systems and processes within the company.
- Correlates all IT Governance and information security controls across multiple regulations (MICS/PCI/SOX, etc.) to ensure controls are being properly implemented and maintained to the most conservative set of requirements.
- Sr. Program Managers, Senior Compliance Analysts and/or Compliance Analysts
CERTIFICATES, LICENSES, REGISTRATIONS
- Bachelor's Degree in Computer Science or a related field or equivalent work experience.
- 7 years of experience in Information Technology/Security Risk Management
- Previous Director-level experience in the field of Technology Compliance.
- Must have a high level of understanding of the following regulations:
- Must excel working in a fast-paced environment
- Demonstrated proficiency in audits and experience or exposure working with auditors required
- Must exhibit knowledge of a hospitality/gaming environment and how the business is affected by regulatory requirements.
- Must have worked in a regulated environment previously.
- Must have excellent written and verbal communication skills. Capable of communicating different levels of information to various stakeholders as well as executive management.
- CISA/CISSP certification is highly desired.
- Applicant must be eligible for a gaming license, which requires, among other things, that the applicant not have a criminal background.
- Proof of eligibility to work in the United States.