PRIMARY PURPOSE:

The Director of Cyber Security is responsible for leading the MGM Resorts International Cyber Security program which includes the end-to-end delivery of incident response, threat intelligence, forensics, and log management for MGMRI, while enforcing MGMRI security, compliance and quality standards across users, cloud, applications, networks, endpoints, and servers. The Director is additionally responsible for managing the Information Security framework that meets or exceeds regulatory control requirements. The candidate must have experience leading a team of people that are responsible for supporting and developing standards and design reviews to ensure not only the right Security Controls are put in place to map to the Threats and Risks, but that the solutions put in by the meets those same standards. A proven track record of delivering quality security services on time is a must. Solid knowledge of security best practices, processes and tools required to support a successful security services system is required. This position involves working closely with teams across the enterprise, technology, digital, and data.

• Lead the development and implementation of a robust incident response plan, including detection, containment, eradication, recovery, and post-incident review.
• Manage and mentor a team of security analysts specializing in log management, forensics, and incident response. This includes:
• Setting performance expectations, providing coaching and development opportunities, and fostering a collaborative and high-performing team environment.
• Delegating tasks effectively, prioritizing workloads, and ensuring efficient incident response processes.
• Identifying training needs and developing programs to enhance the team's skills and knowledge.
• Conduct in-depth forensic investigations to identify the root cause of security breaches, collect and analyze evidence, and reconstruct timelines of events.
• Collaborate with legal counsel to provide expert support on cybersecurity incidents, including preparing technical reports and assisting with litigation.
• Stay abreast of evolving cyber threats, incident response best practices, and legal developments impacting cybersecurity.
• Develop and deliver training programs to educate employees on cyber threats and incident reporting procedures.

MINIMUM REQUIREMENTS:

• 7+ Years of Prior Relevant Experience in cybersecurity, with a strong focus on incident response and forensics.
• Proven experience leading and managing security teams.
• In-depth knowledge of incident response frameworks (e.g., NIST CSF) and best practices.
• Experience in log management, forensics analysis tools, and incident response methodologies.
• Excellent communication and collaboration skills to work effectively with technical and non-technical stakeholders.
• Strong analytical and problem-solving skills to investigate security incidents and identify root causes.
• Experience working with legal counsel on cybersecurity matters is a plus.