Director of Technology Risk Assurance

United States

Caesars Entertainment

Caesars Entertainment invites you to indulge in elegance. Hotels, upscale casinos, breathtaking shows, and gourmet dining – where entertainment reaches new heights!


Job Summary: 

The Director of Technology Risk Assurance is responsible for designing, executing, and continuously enhancing a comprehensive IT risk assurance and controls testing program. This role ensures the effectiveness, reliability, and compliance of IT controls across financial reporting systems, SOX requirements, and regulatory mandates, integrating risk management seamlessly into technology, business operations, and digital transformation initiatives. 

This leader oversees the end-to-end testing and validation of IT controls, ensuring they are well-designed, operating effectively, and aligned with industry best practices. They develop structured risk assurance methodologies, leveraging data-driven analytics and automation where possible to enhance testing efficiency, improve risk detection, and provide proactive insights into control weaknesses before they materialize. By analyzing risk trends and audit findings, they drive continuous improvements in control frameworks, ensuring adaptability to emerging risks and regulatory changes. 

Partnering with IT, internal audit, and compliance teams, the Director ensures audit readiness and risk transparency across the organization. They lead control rationalization efforts, balancing automation and manual controls to optimize efficiency while maintaining a strong compliance posture. Through strategic reporting, dashboards, and key risk indicators (KRIs), they provide senior leadership with clear, actionable insights to support risk-informed decision-making. 

 

Key Responsibilities: 

1. IT Risk Oversight & Internal Controls Strategy 

  • Provide strategic leadership and oversight of IT risk assurance, ensuring IT control frameworks align with regulatory, financial reporting, and industry standards. 
  • Establish and maintain a comprehensive IT risk assurance program, overseeing risk assessments, control design evaluations, and effectiveness testing across IT General Controls (ITGCs), application controls, and automated processes. 
  • Direct IT compliance efforts by aligning risk assurance priorities with business objectives and evolving regulatory expectations. 
  • Oversee coordination of IT SOX activities, ensuring seamless collaboration with internal audit, external auditors, IT leadership, and risk management teams. 
  • Provide senior-level insights and strategic direction on IT risk mitigation, helping IT leaders proactively address control weaknesses, security gaps, and operational risks. 
  • Ensure IT risk management practices are embedded into system changes, new implementations, cloud migrations, and technology upgrades, minimizing risk exposure while maintaining compliance. 

2. Risk Assurance & Compliance Reporting 

  • Lead the design and implementation of comprehensive risk assurance reports and dashboards, ensuring they provide actionable insights into the organization's IT risk posture, control effectiveness, and compliance status. 
  • Establish and maintain a risk reporting framework that enables timely identification, analysis, and escalation of IT compliance risks to senior leadership and key stakeholders. 
  • Develop, track, and refine key risk indicators (KRIs) and key performance indicators (KPIs) to measure IT control effectiveness, risk exposure, and compliance health across critical systems. 

3. Leadership, Training & Stakeholder Engagement 

  • Act as a trusted advisor to IT and business leadership, ensuring risk assurance and compliance strategies are integrated into decision-making. 
  • Develop and lead risk awareness programs, ensuring IT and business leaders understand SOX compliance requirements, ITGCs, and control expectations as needed. 
  • Influence stakeholders, driving a collaborative risk governance model that promotes transparency, accountability, and continuous improvement. 

4. Technology-Enabled Compliance & Continuous Improvement 

  • Drive the evolution of IT SOX compliance through automation and real-time monitoring, reducing manual efforts and increasing efficiency. 
  • Champion process automation initiatives to optimize control testing, risk assessments, and compliance tracking, ensuring risk assurance efforts scale with business growth and technology advancements. 

 

Qualifications & Requirements: 

Education & Certifications 

  • Bachelor’s degree in Information Systems, Computer Science, Cybersecurity, or a related field. 
  • Relevant professional certifications (strongly preferred), such as: 
      • Certified Risk and Information Systems Control (CRISC) 
      • Certified Information Systems Auditor (CISA) 
      • Certified Information Systems Security Professional (CISSP) 
      • Certified Information Security Manager (CISM) 

Experience Requirements 

  • 12+ years of experience in IT risk management, SOX compliance, internal controls testing, and/or technology audit, including 8+ years in a management role. 
  • Proven leadership experience in managing IT risk assurance programs, SOX compliance initiatives, and regulatory audits in a large enterprise environment. 
  • Deep expertise in IT General Controls (ITGCs), application controls, and automated control testing methodologies across various technology environments (on-premise, cloud, hybrid). 
  • Strong track record of managing IT control frameworks aligned with SOX, COSO, NIST, COBIT, ISO 27001, and other risk management standards. 
  • Experience collaborating with internal and external auditors, regulatory agencies, third-party service providers, and senior executives to ensure risk transparency and audit readiness. 
  • Background in risk advisory for IT system implementations, cloud migrations, and digital transformation projects, ensuring compliance is embedded into technology strategies. 
  • Demonstrated ability to influence cross-functional teams and senior leadership, fostering a culture of proactive risk awareness and accountability. 

Technical & Functional Skills 

  • Strong understanding of IT risk assessment methodologies, control frameworks, and industry best practices for IT compliance. 
  • Expertise in access management controls, segregation of duties (SoD), change management, and data protection requirements related to financial and operational systems. 
  • Knowledge of regulatory requirements impacting IT controls, including SOX, GLBA, CCPA, PCI-DSS, and industry-specific cybersecurity mandates. 
  • Proficiency in risk reporting tools, compliance dashboards, and key risk indicator (KRI) development to provide actionable insights to senior leadership. 
  • Experience with compliance automation tools and GRC (Governance, Risk, and Compliance) platforms. 
  • Strong analytical and problem-solving skills, with the ability to assess complex IT risk scenarios and provide clear, strategic recommendations. 
  • Exceptional communication and stakeholder management skills, capable of translating technical risk concepts into business-aligned solutions for executives. 

Leadership & Strategic Competencies 

  • Strategic thinking with the ability to align IT risk management with broader business objectives, financial controls, and operational resilience. 
  • Ability to drive continuous improvement by identifying opportunities for automation, process optimization, and emerging risk management technologies. 
  • Collaborative and influential leader, fostering relationships with IT, finance, audit, legal, and regulatory teams to enhance governance and risk oversight. 
  • High level of integrity, ethical leadership, and accountability, ensuring IT risk management practices uphold transparency and regulatory compliance. 

At Caesars Entertainment, Inc., our Team Members create the extraordinary. We are the largest casino-entertainment company in the U.S. and one of the world's most diversified casino-entertainment providers. Since beginning in Reno, Nevada, in 1937, Caesars Entertainment has grown through the development of new resorts, expansions and acquisitions. Our resorts operate primarily under the Caesars®, Harrah's®, Horseshoe® and Eldorado® brand names. We focus on building loyalty and value with our guests through a combination of impeccable service, operational excellence and technological leadership. The company is committed to its Team Members, suppliers, communities and the environment through its PEOPLE PLANET PLAY framework.  

Our Caesars family is driven by our Mission, Vision and Values. We take great pride in living these values – Together We Win, All In On Service and Blaze the Trail – every day. Our mission: “Create the Extraordinary”. Our vision: “Create spectacular worlds. That immerse, inspire and connect you. We don’t perform magic; we create it with excellence. #WeAreCaesars”. If you are ready to create some magic, we invite you to explore our dynamic, yet unique, career opportunities.

Tags: Analytics Audits Automation CCPA CISA CISM CISSP Cloud COBIT Compliance Computer Science CRISC Finance GLBA Governance ISO 27001 KPIs Monitoring NIST Risk assessment Risk management SOX Strategy

Perks/benefits: Career development Startup environment Team events Transparency

Region: North America
Country: United States
