Our Company has one exciting mission: To entertain the human race and provide an unforgettable escape. Delivering excellence for our guests, and contributing to building and sustaining our communities, requires collaboration from diverse teams of world-class talent. Our iconic MGM Resorts brands offer a wide variety of exciting career opportunities, each with access to unlimited growth.

PRIMARY PURPOSE:

The Enterprise Business Information Security Officer will lead a team of Information Security Business Solution Architects and collaborate with business stakeholders to understand information security needs, and will work with the Enterprise Information Security Cybersecurity, Risk & Compliance and IAM teams to develop solutions to meet the needs of the business. The Executive Director will also coordinate with Information Security counterparts and leadership to oversee the continuous communication to the business all Information Security requirements for design, development, and implementation of Information Security policies, standards, controls, solutions, and services.

This role will also be responsible for ensuring that technical products, platforms, programs, and solutions have followed MGM's Information Security Policies and standards as well as regulatory and internal requirements including Sarbanes-Oxley, payment card industry standards and Gaming regulations, as well as industry best practices.

• Leads a team of Information Security Business Solution Architects (ISBSA's) to ensure a consistent methodology and proactive framework is deployed across the partners and associated lines of business.
• Assists to conduct strategic planning and create a technical roadmap to support the business objectives and drive transformation and continuous improvements in MGM's enterprise Information Security and compliance posture.
• Identifies and measure information security controls on most critical business processes or channels.
• Champions MGM's Information Security strategy, ensuring enterprise objectives and requirements are communicated and understood by business stakeholders.
• Maintains a strong understanding of the IT environment to manage the threat and risk landscape - application stacks, infrastructure components, and external facing footprint.
• Coordinates information security risk assessments on internal and external services.
• Acts as the key liaison between Information Security, relevant business units, and outside vendors to understand and translate business requirements to functional and technical solutions to achieve commercial objectives.
• Owns the business relationship from the Information Security department and serves as a trusted advisor to the defined business stakeholders and systems owners ensuring business objectives, strategy, and interdependencies are well understood, documented, and communicated.
• Builds and continuously develops effective working relationships with the relevant business stakeholders to serve as a key decision maker and advisor on strategic business issues.
• Provides the technical insight and innovation required to ensure the successful development, implementation, management, and maintenance of the systems, processes, and policies that are required to protect the breadth of MGM's enterprise systems and data.
• Works proactively with lines of business (LOB) to ensure security, risk and compliance considerations is actively built into the organization objectives and procedures.
• Works with business units and Corporate leadership to determine acceptable levels of risk, report on variances, and propose mitigation recommendations.
• Proactively identifies information security deficiencies or opportunities for improvement and facilitates development of pragmatic solutions.
• Monitors information security trends internal and external to the Company and keeps LOB leadership informed about information security-related trends.
• Supports creation of a technology roadmap by business unit taking into consideration security architecture, compliance, and business process design.
• Leverages risk-based reporting to shape the risk posture and subsequently derive guidance to improve information security adoption across assigned lines of business.
• Identifies and measure information security controls on most critical business processes or channels
• Champions MGM's Information Security strategy, ensuring enterprise objectives and requirements are communicated and understood by business stakeholders.
• Maintains a strong understanding of the IT environment to manage the threat and risk landscape - application stacks, infrastructure components, and external facing footprint.
• Coordinates information security risk assessments on internal and external services.

MINIMUM REQUIREMENTS:

• Bachelor's Degree or equivalent experience
• 5+ Years of Prior Relevant Experience