POSITION OVERVIEW

The Cybersecurity & Compliance Vice President is responsible for ensuring the Company’s and guest’s information assets are protected while managing the daily IT compliance operations of the Company. The Cybersecurity & Compliance Vice President will lead the Cybersecurity & Compliance team.

QUALIFICATION REQUIREMENTS

To perform this job successfully, an individual must be able to perform each essential duty satisfactorily. The requirements listed below are representative of the knowledge, skill, and/or ability required. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions. Must be at least 21 years of age.

• Bachelor’s Degree in IT or related field and/or equivalent combination of education and experience
• Fifteen (15) years’ experience in a senior IT or cybersecurity managerial position, or an equivalent combination of education and experience
• Key industry certifications in Information Security, such as CISSP, CISM, CISA or CMM
• Demonstrated experience in a gaming cybersecurity organization
• Proven effective leadership and management of assigned personnel with department lead preferred
• Demonstrated knowledge of information security standards, rules, and regulations related to information security and data confidentiality
• Strong understanding of Nevada gaming regulations and minimum internal controls
• Ability to navigate complex regulations (including but not limited to CMMC, HIPPA, NIST, ISO24001, ISO27001, GDPR, etc.), ensuring compliance without hindering innovation or operational efficiency
• Proven experience in identifying, classifying, and protecting data assets
• Strong leadership skills and the ability to organize effectively, delegate responsibility, solve problems quickly and communicate clearly
• Ability to provide leadership and direction contributing to the success of the organization through engaging, developing, and mentoring individuals and teams

LANGUAGE SKILLS

Ability to read and interpret documents in English, such as safety rules, operating and maintenance instructions, and procedure manuals. Ability to read and communicate verbally in English. Written communication skills in English may also be required.

ESSENTIAL DUTIES AND RESPONSIBILITIES

The following and other duties may be assigned as necessary:

• Lead a team of cyber professionals to strengthen partnerships with business and manage the Company’s cyber risk
• Develop and implement a strategic long-term cybersecurity strategy and roadmap to ensure the Company’s and guest’s information assets are appropriately protected
• Establish and enforce third-party cybersecurity risk management processes, including assessments, audits, and continuous monitoring
• Define key cybersecurity metrics and reporting frameworks that provide transparent risk posture visibility to executive leadership at the Company
• Secure a gaming environment by understanding the unique operational priorities, especially focusing on system availability. Must effectively communicate with management to balance technical security measures with the critical need for uninterrupted operations
• Stay informed about the latest cybersecurity threats, vulnerabilities, and attack techniques through threat intelligence sources, industry publications, and security research
• Build a collaborative culture with the business leads in the Company
• Partner with legal and compliance teams to navigate a complex regulatory environment and action strategies to ensure compliance
• Champion cybersecurity awareness programs
• Improve end-user experience for maximum efficiency and productivity
• Temporary or permanent duties and responsibilities may be added to or modified as deemed necessary

SUPERVISORY RESPONSIBILITIES

This position supervises all positions in the Cybersecurity & Compliance department.

To perform this job successfully, an individual must be able to perform each essential duty satisfactorily. The requirements listed below are representative of the knowledge, skill, and/or ability required. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions. Must be at least 21 years of age.

• Bachelor’s Degree in IT or related field and/or equivalent combination of education and experience
• Fifteen (15) years’ experience in a senior IT or cybersecurity managerial position, or an equivalent combination of education and experience
• Key industry certifications in Information Security, such as CISSP, CISM, CISA or CMM
• Demonstrated experience in a gaming cybersecurity organization
• Proven effective leadership and management of assigned personnel with department lead preferred
• Demonstrated knowledge of information security standards, rules, and regulations related to information security and data confidentiality
• Strong understanding of Nevada gaming regulations and minimum internal controls
• Ability to navigate complex regulations (including but not limited to CMMC, HIPPA, NIST, ISO24001, ISO27001, GDPR, etc.), ensuring compliance without hindering innovation or operational efficiency
• Proven experience in identifying, classifying, and protecting data assets
• Strong leadership skills and the ability to organize effectively, delegate responsibility, solve problems quickly and communicate clearly
• Ability to provide leadership and direction contributing to the success of the organization through engaging, developing, and mentoring individuals and team