Information Security Specialist Governance, Risk, and Compliance - Chicago, United States - Rush Street Gaming

    Rush Street Gaming
    Rush Street Gaming Chicago, United States

    1 month ago

    Default job background
    Description

    Position Summary:

    The InfoSec Governance, Risk, and Compliance Specialist designs, implements, and updates information security policies and procedures to align with business objectives, industry best practices, and regulatory requirements, while ensuring the organization's security measures remain effective and relevant.

    Job Functions:

    • Designs and implements an Information Security Program
    • Designs, implements, and updates information security policies and procedures to align with business objectives, industry best practices, and regulatory requirements, while ensuring the organization's security measures remain effective and relevant.
    • Establishes and facilitates information security forums/committees to support informed decision-making by management. Leads the risk acceptance management process.
    • Establishes, monitors, and reports key security performance indicators to enhance visibility into the organization's security posture and support informed decision-making.
    • Spearheads cross-functional collaboration with departments such as marketing, casino operations and human resources to integrate security considerations into their processes and projects while assigning risk ownership.
    • Assists in managing the information security budget, allocating resources, and prioritizing projects based on risk and business needs.
    • Oversees the Information Risk Management program by identifying, assessing, and prioritizing information security risks, collaborating with Security architects to develop control mechanisms and mitigation strategies that effectively reduce risks in accordance with the organization's risk appetite.
    • Manages a centralized security risk register.
    • Assesses third-party vendors and suppliers' security practices to ensure compliance with the RSG's security requirements and contractual obligations.
    • Develops and executes security awareness and training programs to educate employees on information security best practices and responsibilities, as well as creating specialized training paths for the security team.
    • Stays informed about the latest security trends, threats, and technologies to recommend improvements or new initiatives that address emerging risks in the evolving security landscape.
    • Identifies compliance requirements and monitors adherence to internal security policies, security initiative commitments, as well as industry regulations and standards.
    • Coordinates with external parties to conduct independent assessments of RSGs security posture and compliance, evaluating as a second line of defense the effectiveness of implemented controls, and recommending corrective actions.
    • Serves as the primary contact for internal and external security audits.

    Job Requirements:

    • Bachelors Degree in Computer Science, IT or a related field preferred or equivalent combination of education, experience, and/or training.
    • Three years security experience in the Casino / Hospitality industry preferred.
    • Security certification such as CISM, CRISC, GRCP, CGEIT, CISSP, Security+ preferred.
    • Knowledge on security solutions and IT technology such as: GRC tools, the technical aspect of network security including TCP/IP, firewall, VPN, encryption technologies, IPS, IDS, SIEM, Routing and Switching.
    • Able to interact with others while maintaining a positive and courteous demeanor.
    • Ability to work in a fast-paced, high volume work environment.
    • Maintain a high level of professional integrity and discretion.
    • Ability to obtain and maintain all necessary licensing is required.
    • Required to provide documents to show eligibility to work in the United States.
    • Regularly required to sit, see, talk, hear, and use hands.
    • Ability to work flexible shifts and days of the week including holidays.
    • Overnight travel to properties, and/or the Corporate office, if not local to Chicago, will be required on a regular basis.

    The 1 Rush Street Fundamentals:

    Have Fun at Work

    Deliver Memorable Guest Experiences

    Integrity in All Things

    Respect. Give It, Get It

    Strong preference for candidates commuting distance to one of the Rush Street Gaming properties, or the Chicago corporate office.

    Rush Street Gaming is an equal opportunity employer and has a strong commitment to diversity, equity and inclusion.

    Please provide resume with your application.