MELCO Resorts & Entertainment in Cyprus

Melco Resorts & Entertainment (Melco) is the developer and operator of the upcoming integrated resort, City of Dreams Mediterranean, which is expected to be the largest and premier integrated resort in Europe. The Company’s unique blend of design, entertainment and quality sets the company apart, making it the global leader in premium integrated resorts. As recipient of more than 650 awards international, regional and local awards, Melco’s esteemed achievements highlight the Company’s dedication to exceptional hospitality and service excellence. With its entire property portfolio honored with the top tier, Forbes Travel Guide Five-Star recognition, Melco leads among integrated resort operators in Asia. Melco’s four signature restaurants across Melco properties are honored by Michelin Guide Hong Kong Macau 2021 with a collective total of seven Michelin-stars. With its growing international presence and approximately 20,000 colleagues globally, Melco actively contributes to the communities in which it operates. The Company values colleagues as the heart of the business and was named one of the “Best Companies to Work for in Asia” by HR Asia for two consecutive years (2019-2020). Furthermore, Melco has received numerous accolades for its contributions to the community, including being named winner of “Community Award – Asia” at 2020 Industry Community Awards and being voted “Socially Responsible Operator of the Year” at International Gaming Awards 2019.

As part of Melco, City of Dreams Mediterranean will be driven by the Company’s commitment to excellence. It is set to be a world-leading integrated resort and landmark for Cyprus and the wider region, offering a range of attractions and entertainment options including luxury accommodation, fine dining, recreation and MICE facilities. City of Dreams Mediterranean is set to boost tourism in Cyprus, attracting an additional 300,000 tourists annually and contributing significantly to alleviate seasonality. During the construction phase, City of Dreams Mediterranean is expected to create an estimated 4,000 local job opportunities, and approximately 2,500 permanent jobs once open.

Melco also operates Cyprus Casinos in Nicosia, Ayia Napa, Paphos, Larnaca and Limassol.

POSITION SUMMARY:

As a Governance Risk & Compliance Analyst, Information Security you will be responsible for the implementation and overall operation of Information Security. This includes the assistance in the development and implementation of comprehensive information security controls, user education and training, compliance, incident response and security risk management

PRIMARY RESPONSIBILITIES:

• Enforces Melco Information Security Policy based on industry standards (e.g., ISO27001, NIST, PCI) and best practices across all Melco properties and locations
• Reviews and revises Information Security policies, procedures, standards, and checklists periodically
  to ensure alignment with the latest standards and best practices
• Performs Risk Assessment and Data Privacy Impact Assessment (DPIA) on new systems/services
• Lead the security assessment on the new corporate initiatives including the architecture design, data / privacy protection, compliance framework, etc. to identify potential risks and ensure appropriate security controls are put in place
• Liaise and facilitate with Business Units, IT Engagement, PMO and other Information Security function teams to ensure the company security best practice is applied and identify any residual risk throughout the project life cycle
• Coordinates and supports external audit activities, performs annual internal audit in conjunction with internal policy, regulations, and governance. Ensures audit findings are remediated and take corrective action
• Creates, identifies, and enhances processes that may leverage new or existing technologies to improve protection or minimise risk
• Assists in strategic information security planning based on industry-standard best practices to achieve
  business goals by prioritizing defence initiatives and coordinating the evaluation, deployment, and
  management of current and future information security technologies
• Ensures findings from various security assessments i.e red team activities are remediated in timely manner
• Remains informed on current standards, trends, and issues in the information security industry
• Reviews change/service request tickets within agreed SLA and assess the relevant organizational risk

QUALIFICATIONS:

Experience

• 3+ years of relevant experience in Information Security and Cyber Security
• Good knowledge of security frameworks and standards such as NIST, PCI-DSS, ISO 27001/ 27017 / 27018 / 27701
• Familiar with compliance and regulatory frameworks e.g., GDPR, will be an advantage
• Security Strategic Planning and Security Risk Management
• Experience in Vulnerability Management tools and procedures
• Experience with managing security in large organization, including implementation of security policies and procedures
• Good knowledge of Operating systems i.e., Windows, Linux
• Good knowledge of Cloud platforms (i.e., AWS, Azure)
• Solid understanding of network design, architecture, OSI model and TCP/IP
• Knowledge of Web and application-based security (i.e., OWASP Top 10)
• Knowledge of encryption, such as PKI, SSL/TLS, data-at-rest
  

Education

• Bachelor’s degree in Management Information System, Computer Science, or related disciplines
• An information security or other similar technical certification such as Certified Information Systems Security Professional (CISSP), Certified in Risk and Information Systems Control (CRISC), Certified Information Systems Auditor (CISA), or Certified Information Security Manager (CISM) is highly desirable
• Certification in Privacy (e.g., CIPP/E, CIPM, CIPT, CDPO etc) will be considered as an advantage

Skills / Competencies

• Proven excellence in researching, organizing, writing, and presenting technical information
• Strong analytical and inter-personal skills to communicate technical information to non-technical
  background users
• Capacity to work independently and in a team environment, with proven leadership ability and project management skills
• Must have excellent analytical skills and be able to multi-task
• Ability to understand the relationship between business processes, priorities, risk and their underlying technologies and security risks
• Ability to keep pace with a fast pace and growing company
• Achieves agreed objectives and accepts accountability for results
• Displays the highest level of integrity
• Ability to maintain discretion
• Goal oriented and ability to meet deadlines
• Ability to identify, analyse and address problems to resolve issues whenever possible in a way that minimizes negative impact and risk to the organization
• Effective organizational and time management skills required

PERSONAL COMPETENCIES:

• Displays a high commitment to delivering results
• Communicates effectively
• Displays the highest level of integrity
• Ability to maintain discretion
• Self-motivated
• Approachable

To apply please click here: Governance Risk & Compliance Analyst, Information Security