Risk Management Jobs 2026 (Now Hiring) – Smart Auto Apply

Direct responsibilities related to ensuring the confidentiality, integrity and availability of the company’s information assets within a blended information security framework based on published guidance from CIS, NIST, PCI DSS, ISACA (CoBIT), NIGC and a pragmatic/risk-based approach. Directly engaged in the development and interpretation of information security-based programs and policies and a full range of services tied to implementation, enforcement, compliance, and promotion of information security awareness throughout the enterprise. Responsible for providing guidance and support for Seneca Gaming Corporation (SGC) business units during applicable audits. Directly responsible for the coordination between the Information Technology (IT) department and internal/external audit participants. Acts as primary information assurance resource on business-driven project teams and mentor for other information assurance resources. Champion and drive continuous improvement within governance, risk, and compliance areas. All duties are to be performed within the guidelines of the SGCs policies and procedures, Internal Control Standards, and objectives.

ESSENTIAL FUNCTIONS AND RESPONSIBILITIES:

1.    

Directly responsible for leading Information Security & Assurance (ISA) governance support, focusing on all aspects of regulatory compliance, with particular emphasis on Sarbanes Oxley (SOX), PCI, MICS, ITGC and other industry and regulatory compliance requirements.

2.    

Analyzes information security risks, develops and proposes appropriate information security controls line with industry-accepted frameworks, standards, guidelines and best practices.  Recommends changes to existing controls to improve information security risk posture and in response to changes in risk.

3.    

Directly responsible for all ISA audit & review functions to include direct liaison with the primary regulatory entity.

4.    

Directly responsible for all SGC ITGC internal control testing, validation, and any required remediation coordination.

5.    

Drives all communications of accurate and timely information to all external and internal stakeholders concerning information technology audit status and other inquiries.

6.    

Functions as lead for Information Assurance processes, procedures, and specifications as part of continuous organizational improvement initiatives. 

7.    

Schedules and facilitates ongoing reviews of internal policies, processes, and procedures while assessing compliance, identifying weaknesses or gaps, and tracking through remediation. 

8.    

Plans, performs, and leads IT audit assignments to assess the efficiency and effectiveness of business processes and related controls.

9.    

Drives all communications with departmental leadership to understand applicable policies; assist with development of procedures for their staff which will meet or exceed policy and compliance standards, achieve practical and efficient workflow, and support business objectives. 

10.    

Prepares detailed documentation that provides evidence that audits were conducted in accordance with SGC standards.

11.    

Drafts, prepares, and submits audit evidence requests.

12.    

Assists with baseline SGC Information Security operational functions, systems reviews, and report reviews.

13.    

Assists the SGC Internal Audit team and/or department heads in developing risk assessments and annual plans with specific emphasis on IT systems and applications.

14.    

Assists the SGC internal Legal team with review and formulation of pertinent information security/assurance language for contracts.

15.    

Assists the SGC internal Application Support team (acting as ISA liaison) specific to initiatives with core enterprise applications - ACSC, LMS, SWS, Infinium, Kronos, InfoGenesis, other as required.

16.    

Functions as administrative lead for system access authorization components of SGC’s Identity & Access Management Program.

17.    

Functions as administrative lead for SGC’s Change Management Program.

18.    

Functions as administrative lead for SGC’s PCI Compliance Program.

19.    

Functions as the lead for ISA metric report generation and presentation.

20.    

Functions as lead for Information Security & Assurance systems (hardware/software) contract maintenance functions.

21.    

Functions as lead for administration of any ISA-specific Sharepoint site and associated content.

22.    

Provides primary oversight for ISA resource work order assignments to confirm all are mapped to defined standards.

23.    

Provides primary oversight for ISA resource project assignments to confirm all deliverables are mapped to defined standards.

24.    

Develops and delivers progress reports, proposals, requirements documentation and presentations.

25.    

Keeps abreast of the latest threats and vulnerabilities through independent study, and researches related technologies.

26.    

Represent ISA interests in core departmental meetings

27.    

All work products must comply with Internal Controls, Minimum Internals Control Standards (MICS), Sarbanes-Oxley (SOX), and Payment Card Industry DSS (PCI DSS).

28.    

Maintain a working knowledge and practical application of information security principles and practices as they relate to their job responsibilities.  Proactively assess potential risks and vulnerabilities within the environment.

29.    

Maintain a current understanding of all policy and guidelines regarding information security including the Seneca Gaming Corporation Acceptable Use Policy.  Understand and comply with all information security policies and procedures at all times. 

30.    

Provide exceptional customer service to all patrons and communicate in a pleasant, friendly and professional manner at all times.  Maintain a professional work environment with supervisors, managers, and staff.

31.    

Must complete all required SGC Training programs within nine (9) months from commencement of employment in this position.

32.    

Duties, responsibilities, requirements and expectations pertaining to this job are subject to change as needed.  Hours are determined by a 24-hour schedule.

QUALIFICATIONS/REQUIREMENTS: 

Education/Experience:

1.    

Must be 18 years of age or older upon employment.

2.    

Bachelor’s Degree in an Information Technology related field.

3.    

Minimum of three (3) years of work experience in a related Information Technology role is required.

4.    

An equivalent combination of education and/or experience may be substituted for the above requirements.

5.    

ISACA CISA certification is required.

6.    

GIAC (Global Information Assurance Certification)/GSNA (GIAC Systems & Network Auditors) certification or equivalent background is recommended.

7.    

Experience with the IT audit/assessment process (ITGC, SOX, PCI).

8.    

Experience with Microsoft Active Directory environment and baseline concepts required. 

9.    

Experience with IBMi (aka, AS/400, iSeries, System i) environment, commands, and utilities required.

10.    

Understanding of networking principles and standards.

11.    

Experience with information security tools and utilities.

12.    

Experience with network security practices.

13.    

Experience with email applications required, Microsoft Outlook experience preferred.

14.    

Must be able to demonstrate proficiency in Microsoft Windows and Microsoft Office.

15.    

Previous experience working in a hospitality or financial services environment is desired.

16.    

Must be able to learn all production applications/systems well enough to understand the security requirements of each position.

Language Skills and Reasoning Ability:

1.    

Must possess excellent communication skills.

2.    

Must possess excellent analytical skills.

3.    

Must be resourceful, utilizing all resources that are available to resolve issues.

4.    

Must have the ability to resolve problems/conflicts in a diplomatic and tactful manner.

5.    

Must be able to work with little direction and supervision.

6.    

Must demonstrate good judgment.

7.    

Must be a team player with strong interpersonal skills.

Physical Requirements and Work Environment:

The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job.  

The work environment characteristics described here are representative of those an employee encounters while performing the essential functions of this job.  Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.  The noise level in the work environment is usually moderately loud.  When on the casino floor, the noise levels increase to loud.  Must be able to work in an environment where smoking is permitted.

1.    

Must be able to stand, walk, and move through all areas of the casino.

2.    

Must be able to maintain physical stamina and proper mental attitude to work under pressure in a fast-paced casino environment and effectively deal with customers, management, employees, and members of the business community in all situations.

Salary Starting Rate:

$78,511.06

Compensation is negotiable based on experience and education.

Each position has varying minimum qualifications. In the absence of fully qualified candidates, some requirements may be waived.