Analyst - InfoSec GRC

 

The Analyst – InfoSec GRC (Governance, Risk, and Compliance) supports Wynn Resorts North America’s GRC objectives, with a focus on adherence to control standards and the effective design and operation of IT General Controls (ITGC). This role supports the InfoSec GRC program and reports to the Supervisor – InfoSec GRC and Manager – InfoSec GRC, with direction from the Executive Director of Information Security and the VP of Information Security/CISO.

The GRC team is one of five Information Security pillars under the Chief Information Security Officer; the others are Architecture & Engineering, Incident Response, Identity & Access Management, and Data Security.

Qualifications

• College diploma or university degree in computer science or related discipline, or 2 years of equivalent work experience.
• 2 years of applied experience performing technical audits, assessments, remediation, or cybersecurity compliance management.
• Familiarity with internal and external audit processes, including walkthroughs, evidence collection, and remediation tracking.
• Familiarity with IT General Controls (ITGC), including logical access management, change management, system operations (backup/recovery), and program development.
• Working knowledge of governance and compliance frameworks (e.g., SOX, NIST CSF, PCI DSS, NGCB MICS).
• Ability to interpret and apply internal policy requirements, audit findings, and regulatory standards to IT processes.

Job Responsibilities

• Prepare evidence, respond to inquiries, and support walkthroughs for internal and external audits.
• Review ITGC audits and workpapers to improve audit procedures and the quality of technical deliverables.
• Perform audit fieldwork, documentation, and basic testing procedures under the guidance of senior team members.
• Support GRC tooling and compliance monitoring, including audit automation, asset and application inventory, change management, and vulnerability management.
• Escalate control gaps and track remediation to closure by agreed-upon due dates.
• Complete required IT GRC training and support awareness activities across IT and applicable business units.
• Other duties as assigned.

Computer/Technical Skills

• Proficiency with GRC tools/platforms (e.g., Archer, ServiceNow GRC, AuditBoard) for control documentation, evidence tracking, policy management, and reporting
• Proficient with Microsoft 365 tools (Excel, Word, Teams, OneDrive) to produce audit workpapers and manage evidence
• Ability to troubleshoot common end-user issues and work effectively with standard business software.
• Strong analytical skills to define problems, analyze data, and document clear, supportable conclusions
• Working knowledge of IT domains (applications, operating systems, virtualization, storage, and networking) is preferred, with willingness to learn as needed
• Certifications are a plus (CISA, CompTIA Security+, CIA)

Competencies

• Write clear, audit-ready documentation and communicate findings succinctly to technical and non-technical stakeholders
• Collaborate effectively with control owners, escalate risks early, and track actions to closure
• Prioritize multiple requests, manage timelines, and follow through on commitments during audits and remediation efforts

Wynn Resorts is an equal opportunity employer committed to hiring a diverse workforce and sustaining an inclusive culture. Wynn Resorts does not discriminate on the basis of disability, veteran status or any other basis protected under federal, state or local laws.