IT Security & Compliance Manager

Position Summary:

The IT Security & Compliance Manager plays a critical role in protecting the organization’s information systems, data, and digital assets for casino and hotel operations. The position requires full responsibility for building strong cybersecurity frameworks and keeping the organization compliant with regulatory and industry standards and security awareness throughout the organization. The position demands active leadership to handle risks and incidents while making IT security match business goals within the fast-paced hospitality and gaming environment.

Key Responsibilities:

• Security Strategy & Governance:
  • Develop, implement, and maintain a comprehensive IT security strategy tailored to casino and hotel operations.
  • Establish and update security policies, procedures, and standards to mitigate risks and ensure compliance.
• Threat Monitoring & Incident Response:
  • Monitor networks, systems, and applications for vulnerabilities, threats, and security incidents using advanced tools (e.g., SIEM, IDS/IPS).
  • Lead incident response, including investigation, containment, and remediation of security breaches.
• Compliance & Risk Management:
  • Conduct regular security risk assessments, penetration tests, and vulnerability scans to identify and address weaknesses.
  • Ensure compliance with regulations and standards such as GDPR, PCI-DSS, ISO 27001, and local gaming and hospitality data protection laws.
  • Perform third-party vendor risk assessments to ensure compliance with organizational security standards.
• System & Data Protection:
  • Oversee identity and access management (IAM), encryption protocols, and data loss prevention (DLP) measures.
  • Collaborate with IT teams to integrate security-by-design principles into systems, applications, and cloud environments (AWS, Azure, GCP).
• Training & Awareness:
  • Design and deliver cybersecurity awareness programs for employees, emphasizing risks specific to the casino and hotel industry (e.g., payment fraud, guest data protection).
• Reporting & Communication:
  • Provide regular reports on security posture, incidents, and compliance status to senior leadership and stakeholders.
  • Communicate effectively with cross-functional teams to align security initiatives with business goals.
• Innovation & Continuous Improvement:
  • Stay abreast of emerging cybersecurity threats, trends, and technologies, particularly in the hospitality and gaming sectors.
  • Drive continuous improvement of security processes and tools to enhance resilience.

Reporting Structure:

• Reports directly to the Director of IT or Chief Information Officer.
• Collaborates with IT, operations, legal, and compliance teams.

Required Qualifications:

• Bachelor’s degree in Information Technology, Computer Science, Cybersecurity, or related field.
• Minimum 2 years of experience in IT security, compliance, or risk management, preferably in hospitality, gaming, or regulated industries.
• Strong expertise of cybersecurity frameworks (e.g., ISO 27001, NIST, COBIT) and compliance standards (e.g., GDPR, PCI-DSS).
• Hands-on experience with security tools such as firewalls, intrusion detection/prevention systems, SIEM, and endpoint protection.
• Proficiency in network and system administration across Windows, Linux, and cloud environments (AWS, Azure, GCP).
• Knowledge of local and international data protection regulations relevant to the casino and hotel industry.
• Exceptional problem-solving, communication, and leadership skills.
• Ability to work under pressure, manage multiple priorities, and respond to incidents in real time.

Preferable Qualifications:

• Professional certifications such as CISSP, CISM, CISA, CRISC, or ISO 27001 Lead Auditor.
• Experience securing cloud-based infrastructures (AWS, Azure, GCP) and hybrid environments.
• Hands-on experience with VMware virtualization technologies (e.g., vSphere, ESXi, vCenter) for managing and optimizing enterprise IT infrastructure.
• Prior experience in the hospitality, gaming, or financial sectors, with an understanding of industry-specific risks (e.g., payment card security, guest data privacy).
• Proactive, energetic, and results-driven mindset with a focus on innovation and continuous improvement.

• Competitive salary & benefits package
• Full salary, insurance and service charge during probation period
• Annual Leave
• Uniform
• Employee Shuttle Service
• Health checkup
• Salary review
• Training & Development
• Duty meal