Seneca Gaming Corporation · 2 weeks ago
Director of Information Security & Assurance
Seneca Gaming Corporation is responsible for establishing and maintaining an enterprise-wide information security program. The Director of Information Security & Assurance leads the development of security policies and collaborates with IT management to ensure compliance and manage information security risks.
Gambling & Casinos
Responsibilities
Works in close partnership with VP of Information Technology / CIO to ensure coordinated and effective information security operations across all systems and platforms
Works closely and collaborates with Technical Services, Systems, Network, Operations, Applications and Support teams to ensure alignment between the information security and enterprise information technology architectures, thus coordinating the strategic planning implicit in these architectures
Leads and oversees the daily operations of the information security & assurance department and develops programs and best practices on information security domains such as access control, telecommunications and network security, risk analysis and security governance, security architecture, cryptography, operational security, application security, and business continuity/disaster recovery
Together with the CIO, develops, implements, and monitors a strategic, comprehensive enterprise information security and risk management program to ensure the integrity, confidentiality and availability of information owned, controlled or processed by the organization
Manages the enterprise's security organization, consisting of direct reports and indirect reports and leads all hiring, training, staff development, performance management and annual compensation reviews
Identifies legal, regulatory, organizational and other requirements and provides recommendations for managing the risk of non-compliance. Identifies gaps between current and desired risk levels
Develops and communicates organizational information security policies and standards
Leads the development of and provides management oversight for the information security operating and capital budgets and monitors for variances
Creates and manages information assurance and risk management awareness training programs for all employees and approved system users
Acts as the liaison between Internal Audit, Legal, Human Resources and Compliance Departments providing leadership and oversight for audit and information assurance activities
Works directly with the business units to analyze information security risks and recommends appropriate risk treatment options to manage risk to acceptable levels
Provides subject matter expertise to executive management on a broad range of information security standards and best practices, such as CIS, NIST, NIGC MICS, PCI DSS, COBIT, ITIL
Provides strategic and tactical security guidance for all IT projects, including the evaluation and recommendation of technical controls
Creates and facilitates the information assurance risk assessment process, including reporting and oversight of remediation efforts to address negative findings
Collaborates on the development of a secure information technology infrastructure that provides reliable, resilient, responsive and secure enterprise information technology services
Manages security incidents and events to protect corporate IT assets, including intellectual property, fixed assets and the company's reputation
Coordinates the use of external resources involved in the information assurance program, including, but not limited to, interviewing, negotiating contracts and fees, and managing external resources
Assists in the development of effective disaster recovery policies and procedures
Develops business-relevant metrics to measure the efficiency and effectiveness of the program, facilitate appropriate resource allocation and increase the maturity of the security program
Qualification
Required
Must be 18 years of age or older upon employment
Bachelor's Degree in an Information Technology related field
Minimum of ten (10) years of experience in an Information Technology management role with a combination of information technology and demonstrable information security and assurance responsibilities
Minimum of five (5) years in Information Technology project management, systems design and integration and experience leading project teams using formal project management methodologies
A level of pertinent security/risk-focused certification, e.g. Security+, CISSP, CISM, CISA, CRISC
An equivalent combination of education and/or experience may be substituted for the above requirements
A deep understanding of and extensive experience with implementing network operating systems, systems design and enterprise architecture, systems development lifecycle (SDLC), project management methodology, asset management, access control systems, network communication protocols and topology, security engineering, public key infrastructure and identity and access management concepts
Experience with security/risk-specific program/program component development, e.g. information security governance & continuous improvement, security awareness, vulnerability management, data protection, endpoint protection, identity & access management, cryptography & key management, business continuity/disaster recovery, incident response
Direct experience with IT-based audit processes
Excellent written and verbal communication skills; interpersonal and collaborative skills; and the ability to communicate security and risk-related concepts to technical and nontechnical audiences
Must be a critical thinker with strong problem-solving skills
Knowledge of technological trends and developments in the area of information assurance and risk management
Ability to lead and motivate cross-functional, interdisciplinary teams to achieve tactical and strategic goals
Knowledge of security and control frameworks, such as CIS, NIST, NIGC MICS, PCI DSS, COBIT, and ITIL
Experience with contract and vendor negotiations
High level of personal integrity and ethical standards and the ability to professionally handle confidential matters and exemplify the appropriate level of judgment and maturity
High degree of initiative, dependability and ability to work with little supervision
Must possess and maintain a valid driver's license and be able to substantiate a safe driving record within the parameters acceptable to our liability insurance carrier
Must possess excellent communication skills: listening, writing, speaking, and interpersonal skills
Must have the ability to speak effectively to the public, employees, customers and vendors
Must have the ability to deal effectively and interact well with customers, vendors and employees
Must have the ability to resolve problems/conflicts in a diplomatic and tactful manner
Company
Seneca Gaming Corporation
Since opening Seneca Niagara Casino in 2002, Seneca Gaming Corporation has grown into one of the largest private sector employers in Western New York, with 4,000 employees at its three locations.
H1B Sponsorship
Seneca Gaming Corporation has a track record of offering H1B sponsorships. Please note that this does not guarantee sponsorship for this specific role. Additional information is presented below for your reference. (Data powered by the US Department of Labor)
Trends of Total Sponsorships: 2023 (1), 2020 (1)
Funding
Current Stage
Late Stage
Company data provided by Crunchbase