On behalf of Melco Resorts & Entertainment a world leader in development and operations of casino gaming and entertainment casino resort facilities, GRS are seeking to recruit an Information Security Analyst. This is an excellent opportunity for any individual who wants to work in a company that believes in the implementation of innovative products and services and is interested in attracting the best possible candidate.
Melco Resorts & Entertainment is a well-established international company that intends to offer the best entertainment experience that aims to appeal to a broad spectrum of customers and thereby become the leader of gaming industry in the region.
If you are seeking an exciting challenge where you can contribute to the development and implementation of comprehensive information security control, user education and training, compliance, incident response and security risk management, and have the necessary skills and experience, then the Information Security Analyst is an excellent career opportunity in Limassol.
MAIN DUTIES AND RESPONSIBILITIES
-
Enforce Melco Information Security Policy based on industrial standards (e.g. ISO27001, NIST, PCI) and best practices across all Melco properties and locations.
-
Develop and oversee security control systems to prevent or deal with violation of Information Security Policies and Standards.
-
Review and revise Information Security policies, procedures, standards, and checklists periodically to ensure compliance to the latest standards and best practices.
-
Coordinate/support an information security awareness program to deliver risk communication, awareness and training for audiences, which may range from senior leaders to field staff.
-
Coordinate/support external audit activities; perform annual internal audit in conjunction with internal policy, regulations, and governance. Ensure audit findings are remediated and take corrective action.
-
Review change/service request tickets in ticketing system within agreed SLA.
-
Participates in evaluating, planning, and implementing of new cybersecurity technologies and systems.
-
Creates, identifies, and enhances processes that may leverage new or existing technologies to improve protection or minimise risk.
-
Monitors and analyses logs/alerts from SIEM and variety of cybersecurity tools, such as IPS, Anti-Virus, APT to enhance security posture.
-
Monitors cloud and local environment on an ongoing basis to ensure that it remains secure and compliant with external regulations.
-
Reviews firewall change requests and assesses organizational risk.
-
Prepares incident reports of analysis methodology, root cause, and improvement plan.
-
Remain informed on current standards, trends, and issues in the information security industry.
-
Ensure cloud product (e.g. AWS, Azure) compliance with cyber-security industry frameworks.
-
Assist in strategic information security planning based on industry-standard best practices to achieve business goals by prioritizing defence initiatives and coordinating the evaluation, deployment, and management of current and future information security technologies.
-
Perform Risk Assessment and data privacy impact assessment (DPIA) on new systems/services.
-
Support Information Security incident and investigation activities.
-
Perform Information Security Operation Calendar activities.
-
Ensure findings from various security assessments i.e red team activities are remediated in timely manner.
CANDIDATE PROFILE
-
3+ years of relevant experience in information security and Cyber Security.
-
2+ years of experience with security tools such as DLP, WSG, PIM/PAM, SIEM, MFA, APT solution, Vulnerability Management and End point protection.
-
Experience with managing security in large organization, including implementation of security policies and procedures.
-
Good knowledge of gaming, hospitality, finance, retail, and HR solutions.
-
Good knowledge of Operating systems e.g. Windows, Unix, Linux.
-
Good knowledge of Cloud platforms (e.g. AWS, Azure).
-
Good knowledge of application security vulnerabilities, testing techniques, and the OWASP framework.
-
Good knowledge of security frameworks and standards such as NIST, PCI-DSS, ISO 27001/ 27017 / 27018 / 27701.
-
Understanding of General Data Protection Regulation (GDPR).
-
Solid understanding of network design, architecture, OSI model and TCP/IP.
-
Experience with NOC/SOC and SIEM.
-
Experience with incident handling and threat intelligence in a large enterprise.
-
Exposure to Cloud computing.
-
Security Strategic Planning and Security Risk Management.
-
Knowledge of Web and application-based security.
-
Knowledge of encryption, such as PKI, Kerberos, SSL.
-
Bachelor’s degree in Management Information System, Computer Science, or related disciplines.
-
An information security or other similar technical certification such as Certified Information Systems Security Professional (CISSP), Certified in Risk and Information Systems Control (CRISC), Certified Information Systems Auditor (CISA), or Certified Information Security Manager (CISM) is highly desirable.
-
Certification in Privacy (e.g. CIPP/E, CIPM, CIPT, CDPO etc) will be considered as an advantage.
Due to the high volume of applications, we receive at GRS Recruitment, only shortlisted candidates will be responded to.
To apply for this position, please email your CV to
Ross Pitman, ross@grsrecruitment.com quoting the above job reference or call +357 25 342 720 for further information.