Sr. Cybersecurity Analyst, Vendor Assessment
Company: BetMGM
Location: Atlantic City
Posted on: October 12, 2024
Job Description:
About UsWe are BetMGM. We are revolutionizing sports betting and
online gaming in the United States. We are a partnership between
two powerhouse organizations-MGM Resorts International and Entain
Group. You know our name through our exciting portfolio of brands
including BetMGM Sportsbook, Borgata online, Party Casino and Party
Poker. We aim to bring our ideas into action and find ways to
deliver the best quality in gaming platforms.We understand that
each card in the deck plays a unique role in any given hand, just
as our employees each play a unique role in accomplishing our goals
as a company. We strive to create a culture of empathy where our
employees feel valued, heard, and comfortable bringing their
authentic selves to work. We want to build a product and a
workplace that reflect the communities we serve so we approach our
work fearlessly, take responsibility when we get it wrong, and
ante-up again. We play to win, and we are all-in together.We were
recognized as one of Glassdoor's "Best Places to Work".About the
RoleBetMGM is seeking a Senior Cybersecurity Analyst in Vendor
Assessment to identify, quantify, and mitigate risks to the
organization from 3rd party vendor relationships, collaborating
with the Cybersecurity Manager and BetMGM InfoSec team. This
position is under the supervision of the Sr. Director Cyber & IT
Risk.The Sr. Analyst will show strong analytical skills, a detailed
mindset, and strong communication and interpersonal skills to
articulate findings of each vendor assessment to internal and
external parties. This role will partner with various teams within
our parent organizations (MGM and Entain) to respond to evolving
business requirements and stay on top of emerging threats as it
relates to onboarding and continuous monitoring of 3rd party vendor
relationships. The Sr. Analyst will also leverage their expert
knowledge of today's ever-changing cybersecurity landscape,
technical state regulations, and risk landscape to influence the
Technology acquisition process across our
business.Responsibilities
- Conduct vendor evaluations thorough assessments of potential
vendors to determine their suitability for partnership.
- Conduct comprehensive security risk assessments of third-party
vendors, evaluating their security controls, policies, standards,
and infrastructure.
- Analyze vendor capabilities, financial stability, reputation,
and compliance with relevant regulations and standards.
- Aid in the development and maintenance of comprehensive
third-party risk management procedures, trackers, and
documentation, aligned with industry best practices.
- Collaborate with procurement teams to develop selection
criteria and assist in vendor selection processes.
- Help to establish and maintain key performance indicators
(KPIs) and service level agreements (SLAs) for vendors.
- Monitor vendor performance against established metrics and
SLAs.
- Identify areas for improvement and work with vendors to
implement corrective actions.
- Develop risk mitigation strategies and protocols in
collaboration with internal stakeholders.
- Conduct regular risk assessments and implement measures to
minimize risk exposure.
- Ensure that vendors comply with contractual agreements,
regulatory requirements, and company policies.
- Stay informed on relevant regulations and industry standards
impacting vendor relationships.
- Conduct audits and re-assessments to verify vendor compliance
with established standards, prioritizing those with highly
sensitive data.
- Carry out application security vulnerability scanning and
supply remediation options, where applicable.
- If and only when necessary, attend third-party onsite visits in
support of any part of the vendor assessment process (willingness
to travel to vendors up to 10% of the time).
- Prepare comprehensive reports and presentations summarizing
vendor assessments, performance evaluations, and risk
analyses.
- Provide insights and recommendations based on data-driven
analysis to support decision-making processes.
- Communicate findings and recommendations to relevant
stakeholders, including senior management and cross-functional
teams.
- Contribute to Kanban boards and/or other tracking tools to
increase visibility into assigned work and promote workload
efficiencies. Stay on top of latest emerging technology trends and
proactively update the vendor assessment processes where
needed.Qualifications
- 5+ years of experience with third-party vendor security
assessment methodologies and security monitoring tools.
- Proven experience in vendor management, procurement, supply
chain management, or related roles.
- Proven experience in conducting risk assessments.
- Strong analytical skills with the ability to interpret complex
data and draw actionable insights.
- Ability to articulate identified risks to management and key
stakeholders in a clear, actionable manner.
- Excellent communication and interpersonal skills, with the
ability to collaborate effectively with internal and external
stakeholders.
- Detail-oriented mindset with a focus on accuracy and
precision.
- Ability to work independently, manage multiple priorities, and
meet deadlines in a fast-paced environment.
- Knowledge of compliance, conduct, and operational risk
management frameworks and processes.
- Expertise in common technology controls for industry best
practices (e.g., from NIST, ISO, ISACA, GLI etc.) frameworks.
- Ability to collaborate with high-performing teams and
individuals throughout BetMGM and externally to accomplish common
goals.
- Bachelor's or advanced degree in technology or a related field
or equivalent work experience.
- Relevant certifications (e.g., CSCP, CPIM, CISA) are a plus.The
annual salary range for this position is $89,200 to $117,075.
Factors which may affect starting pay within this range may include
geography/market, skills, education, experience and other
qualifications of the successful candidate. This position is also
eligible for participation in a performance-based bonus plan.Gaming
Compliance & Licensing RequirementsAs an online gaming company,
BetMGM is required to comply with state gaming regulations which
includes licensing obligations. Applicable employees must be
licensed by at least one jurisdictional agency, although certain
positions require licensing by multiple agencies. Failure to become
licensed or maintain licensure with each agency as required for the
role may result in termination of employment. Please note that the
licensing process includes comprehensive background checks which
may include a review of criminal records, financial history, and
personal background verification.In addition, candidates must
comply with and support the company's responsible gambling
policies, procedures and initiatives.About Our CultureBuilding
BetMGM from the ground up takes effort, energy, and teamwork, but
that's what will make leading this industry all the more
satisfying. We stay focused on our main goal with the help of these
four company pillars:Believe in Your Game - Take your shot! There's
a freedom to explore ideas usually only start-ups are lucky enough
to experience.Backed by the Best - With our expertise-merged with
that of our world-class investors-we have the opportunity to take
this business, and ourselves, farther than anyone has ever
imagined.Do What's Right - We operate with clarity and simplicity,
always doing the right thing by our customers and each other,
standing shoulder to shoulder every day.Hustle Hard - Our combined
commitment and ambition is what drives us to create some of the
most innovative products in the industry.What We OfferAs a valued
employee, we're committed to giving you the resources and support
you need. We offer Medical, Dental, Vision, Life Insurance,
Commuter Benefits, Paid Time Off, Holidays, Employee Resource
Groups and more!Applicable salary ranges may differ across markets.
Actual pay will be determined based on experience and other
job-related factors permitted by law. The position is also eligible
for an annual bonus.BetMGM LLC is an Equal Opportunity Employer. We
provide equal employment opportunities to all qualified
individuals, regardless of race, religion, gender, gender identity,
age, marital status, national origin, sexual orientation,
citizenship status, veteran status, disability, or any other
legally protected status. As an organization, we are unwavering in
our commitment to maintaining a discrimination-free work
environment, and fostering a culture of inclusivity, belonging and
equal opportunity for all employees and applicants.We understand
that each card in the deck plays a unique role in any given hand,
just as our employees each play a unique role in accomplishing our
company goals. So, we are committed to an inclusive culture for all
and empowering our employees to thrive in meaningful careers. At
BetMGM, we play to win, and we are "all in" together. If your
experience looks a little different from what we've identified and
you think you've got what it takes, we'd love to learn more about
you.If you need assistance or accommodation with your application
due to a disability, you may contact us at
recruitment@betmgm.com.This job description is not an exclusive or
exhaustive list of duties a person in this position may be asked to
perform from time to time.
Keywords: BetMGM, Reading , Sr. Cybersecurity Analyst, Vendor Assessment, Professions , Atlantic City, Pennsylvania
Didn't find what you're looking for? Search again!
Loading more jobs...