The Analyst – InfoSec GRC (Governance, Risk, and Compliance) supports Wynn Resorts North America’s GRC objectives, with a focus on adherence to control standards and the effective design and operation of IT General Controls (ITGC). This role supports the InfoSec GRC program and reports to the Supervisor – InfoSec GRC and Manager – InfoSec GRC, with direction from the Executive Director of Information Security and the VP of Information Security/CISO.
The GRC team is one of five Information Security pillars under the Chief Information Security Officer; the others are Architecture & Engineering, Incident Response, Identity & Access Management, and Data Security.
Qualifications
- College diploma or university degree in computer science or related discipline, or 2 years of equivalent work experience.
- 2 years of applied experience performing technical audits, assessments, remediation, or cybersecurity compliance management.
- Familiarity with internal and external audit processes, including walkthroughs, evidence collection, and remediation tracking.
- Familiarity with IT General Controls (ITGC), including logical access management, change management, system operations (backup/recovery), and program development.
- Working knowledge of governance and compliance frameworks (e.g., SOX, NIST CSF, PCI DSS, NGCB MICS).
- Ability to interpret and apply internal policy requirements, audit findings, and regulatory standards to IT processes.
Job Responsibilities
- Prepare evidence, respond to inquiries, and support walkthroughs for internal and external audits.
- Review ITGC audits and workpapers to improve audit procedures and the quality of technical deliverables.
- Perform audit fieldwork, documentation, and basic testing procedures under the guidance of senior team members.
- Support GRC tooling and compliance monitoring, including audit automation, asset and application inventory, change management, and vulnerability management.
- Escalate control gaps and track remediation to closure by agreed-upon due dates.
- Complete required IT GRC training and support awareness activities across IT and applicable business units.
- Other duties as assigned.
Computer/Technical Skills
- Proficiency with GRC tools/platforms (e.g., Archer, ServiceNow GRC, AuditBoard) for control documentation, evidence tracking, policy management, and reporting.
- Proficient with Microsoft 365 tools (Excel, Word, Teams, OneDrive) to produce audit workpapers and manage evidence.
- Ability to troubleshoot common end-user issues and work effectively with standard business software.
- Strong analytical skills to define problems, analyze data, and document clear, supportable conclusions.
- Working knowledge of IT domains (applications, operating systems, virtualization, storage, and networking) is preferred, with willingness to learn as needed.
- Certifications are a plus (CISA, CompTIA Security+, CIA).
Competencies
- Write clear, audit-ready documentation and communicate findings succinctly to technical and non-technical stakeholders.
- Collaborate effectively with control owners, escalate risks early, and track actions to closure.
- Prioritize multiple requests, manage timelines, and follow through on commitments during audits and remediation efforts.
Wynn Resorts is an equal opportunity employer committed to hiring a diverse workforce and sustaining an inclusive culture. Wynn Resorts does not discriminate on the basis of disability, veteran status or any other basis protected under federal, state or local laws.