GRC Analyst II
Las Vegas - LAS VEGAS, NV, 89119
Konami Gaming, Inc.
For every machine, game or system that Konami creates, we start with more than an idea—we begin with the experience in mind.
Job Details
Job Location: Las Vegas - LAS VEGAS, NV
Position Type: Full Time
Job Category: Information Technology
Description
Konami Gaming is looking for a GRC Analyst II to join our team!
This position plays a key role in supporting the organization’s Governance, Risk, and Compliance (GRC) initiatives, with a focus on adherence to ISO/IEC 27001 control standards and the effective design and operation of General IT Controls (GITC).
This individual is responsible for coordinating risk assessments, maintaining control frameworks and related policies, supporting internal and external audits, and monitoring the implementation of corrective actions. They must work effectively with auditors and business stakeholders across the organization to ensure the confidentiality, integrity, and availability of systems and data through structured control practices and continuous improvement recommendations.
In addition, the role contributes to the development and ongoing management of the organization’s Business Continuity Planning (BCP) program, including risk-based scenario planning, recovery strategies, and continuity testing activities.
The ideal candidate will have a strong understanding of ISO 27001 requirements, IT governance practices, and risk-based control monitoring in regulated environments.
What you'll be doing:
Governance, Risk, and Compliance Program Execution
- Support the implementation and ongoing maintenance of the organization’s GRC framework aligned with ISO/IEC 27001.
- Assist in maintaining the Information Security Management System (ISMS), including risk treatment plans and Statement of Applicability (SoA) documentation.
- Perform regular reviews and updates to security policies, standards, and procedures to ensure alignment with ISO requirements and best practices.
Risk Assessment and Control Monitoring
- Conduct periodic information security and IT risk assessments, including evaluation of threats, vulnerabilities, and control effectiveness.
- Support the identification, documentation, and tracking of risks, control gaps, and associated remediation activities.
- Collaborate with business and IT teams to ensure risk mitigation strategies are appropriate and effectively implemented.
General IT Controls (GITC) Oversight
- Assist in the evaluation, documentation, and testing of key IT general controls (e.g., access management, change management, backup and recovery, logical security).
- Coordinate with control owners to ensure GITC design and operating effectiveness meets internal and external audit expectations.
- Support continuous monitoring of IT controls to ensure consistency, audit readiness, and timely remediation of deficiencies.
Audit and Assurance Support
- Prepare evidence, respond to inquiries, and support walkthroughs for internal audits, external audits, and ISO 27001 surveillance or certification assessments.
- Track and report on audit findings and corrective action plans to ensure timely resolution and closure.
- Maintain organized and accurate audit documentation and audit trail records.
Compliance Reporting and Metrics
- Generate compliance dashboards, risk registers, and management reports to provide visibility into security and compliance posture.
- Develop and maintain control testing schedules, evidence repositories, and compliance checklists.
- Monitor for changes in regulatory or certification requirements and assess the impact on current compliance obligations.
Stakeholder Engagement and Training
- Collaborate with IT, security, legal, and business units to facilitate control implementation and awareness.
- Provide input into awareness training related to policies, risk management practices, and control obligations.
- Participate in cross-functional initiatives to embed governance and compliance requirements into enterprise processes.
Continuous Improvement
- Recommend enhancements to the GRC program based on audit outcomes, control testing, and emerging threats or regulatory developments.
- Support initiatives to automate evidence collection, control testing, and reporting through GRC tools or platforms.
- Stay current with industry trends, ISO updates, and compliance frameworks relevant to the organization’s risk environment.
- All other duties as assigned.
Konami Offers
- Competitive Wages
- Great 401(k) plan with company match
- Comprehensive health benefits package
- Generous Company-paid Holidays and Paid Time Off (PTO)
- Tuition reimbursement program
About Konami Gaming, Inc.:
For Players. For Operators. For Each Other.
Konami Gaming, Inc. entered the US gaming market in the 2000s and we have spent the last two decades moving the industry forward with breakthrough games, head-turning cabinets, and a casino management system that brings it all together. Over that time, we have garnered our share of awards and established a corporate culture of success and innovation.
A world leader in systems and game development, Konami can offer you the best of both worlds - stability within a dynamic, creative environment. We are excited to announce that Konami Gaming Inc. is growing and expanding into new product lines, including premium and standard games, and new market segments. As we enter a new growth period for the Company, we are expanding our reach to attract top talent in game studio operations, technology and product development.
Qualifications
What we'll want you to have:
Education (Recommended)
- Bachelor’s degree in Information Security, Cybersecurity, Computer Science, Information Systems, or Business Administration with a focus on Risk, Audit, or IT Management
– OR equivalent combination of education and relevant work experience
Certifications (Recommended)
Information Security & Risk Management
- ISO/IEC 27001 Lead Implementer or Lead Auditor
- Certified Information Systems Auditor (CISA)
- Certified Information Security Manager (CISM)
- Certified in Risk and Information Systems Control (CRISC)
- Certified Business Continuity Professional (CBCP) or Associate Business Continuity Professional (ABCP)
- Business Continuity Certified Planner (BCCP)
Job Knowledge / Minimum Work Experience
- 3 to 5 years of progressive experience in information security, IT audit, compliance, risk management, or a related discipline
- Direct involvement in ISO/IEC 27001 implementation, maintenance, or audit support activities
- Hands-on experience supporting internal controls testing, including GITC scoping, control operation review, and remediation follow-up
- Participation in business continuity or disaster recovery planning exercises or program oversight
- Experience working in a regulated industry or enterprise environment with formal compliance requirements (e.g., SOX, PCI DSS, HIPAA, GLBA)
Computer / Technical Skills
- Solid understanding of ISO/IEC 27001 and related information security management system (ISMS) frameworks
- Familiarity with General IT Controls (GITC) including access management, change management, backup/recovery, and system operations
- Knowledge of business continuity and disaster recovery planning principles, including recovery strategies, impact analysis, and continuity testing
- Working knowledge of risk management methodologies, control assessments, and compliance monitoring
- Understanding of IT governance frameworks such as COBIT, NIST CSF, or ITIL
- Ability to interpret and apply internal policy requirements, audit findings, and regulatory standards to enterprise processes
- Proficiency with GRC tools or platforms (e.g., Archer, ServiceNow GRC, LogicManager, or similar)
- Strong documentation skills, including experience developing policies, procedures, risk registers, and audit responses
- Familiarity with internal and external audit processes, including walkthroughs, evidence collection, and remediation tracking
- Effective written and verbal communication skills for interfacing with both technical teams and senior business stakeholders
Additional Requirements:
- Minimal travel necessary (0-10%), or as business requires. Employee must be flexible to the travel needs of the business. Must possess a valid driver’s license.
Work Environment:
- Full-time / 40+ hours per week. Must be flexible to work overtime, including nights, weekends, and holidays as required.
- Position shall work primarily in a smoke free office environment. The noise level is low to moderate. Position shall maintain a cubicle or office in close proximity to other cubicles and offices.
- Must be comfortable working in an area with limited working space for long hours with the ability to remain seated at computer terminal for extended periods of time. Extreme repetitive motion using keyboard, mouse, and telephone. Must be able to work at assigned location to enable direct communications and interactions with team members, management, and others as necessary, unless traveling for a business-related purpose.
- Ability to work effectively and efficiently in a high-stress, fast-paced, and high-pressure environment while maintaining high standards of accuracy, paying attention to detail, and meeting assigned deadlines. Demonstrates high integrity, trust, and strict confidentiality. Ability to maintain excellent communication and a positive, respectful, and professional attitude and relationship with clients, employees, peers, co-workers, all levels of management, and all outside organizations conducting business or otherwise interacting with the company. Ability to always act autonomously while adhering to overall department and company policies and procedures.
Konami Gaming is an Equal Opportunity Employer committed to diversity in the workplace. All qualified employees and applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, age, national origin, disability, marital status, protected veteran status, gender identity or any other factor protected by applicable federal, state, or local laws.
If you need a reasonable accommodation because of a disability for any part of the employment process, please call 702-616-1400 and let us know the nature of your request and your contact information.