Melco Resorts & Entertainment Limited

Senior Analyst, Data Risk (Risk) - REQ4321

Melco Resorts & Entertainment Limited
Salary provided
Posted on 30 Sep 2020

Senior Analyst, Data Risk (Risk) - REQ4321

Melco Resorts & Entertainment Limited

Job Highlights

  • Identify security risks
  • Perform Strategic information security planning
  • Conduct risk assessment exercise

Job Description

As a Senior Analyst, Data Risk (Risk) you will be part of the Data Risk Team focusing on identifying and mitigating Information Security Risks in Melco


  • Identify security risks for new projects and system developments
  • Lead the process of gathering, analysing and assessing the current and future threat landscape
  • Conduct risk assessment exercise on new or existing systems/services to identify potential risks
  • Prepare the Security clearance sign-off report/review on new systems prior to live implementation
  • Conduct risk review and analysis on Change/Service Request in ticketing system to identify potential risks
  • Monitor and report the efficiency of existing security controls and make continuous improvements
  • Perform Strategic information security planning based on industry-standard best practices to achieve business goals by prioritizing defence initiatives.
  • Coordination on the evaluation, deployment, and management of current and future information security technologies
  • Support periodic Security documents updates to identify and address the latest trends and risks discovered
  • Remain informed on current standards, trends and issues in the information security industry
  • Ensure cloud product (e.g. AWS, Azure, Alibaba) compliance to an array of cyber-security industry frameworks
  • Support information security incident and investigation activities
  • Support annual internal/external audit activities
  • Support Information Security Operation Calendar activities
  • Support penetration testing activities


  • 3+ years working of experience in a related field
  • Requires in depth experience and knowledge of enterprise IT concerns and technologies
  • Knowledge of the DevOps methodology, Agile software development and the inclusion of Security in the development life cycle
  • 1+ years in information security preferred to include management or administration in least 6 of the following
  • disciplines:
  • Network Security and firewalls (CCSP/CCIE – Security)
  • Relational Database Security
  • Remote Access/VPN solutions
  • Information Security Auditing
  • Risk Assessment
  • Intrusion Detection and Response
  • Anti-virus systems
  • Messaging Security
  • Security policy and procedure development
  • Windows and Active Directory security
  • Access management processes
  • Security benchmarking requirements (CIS)
  • Security compliance for Regulatory requirements (NERC/SOX/HIPPA/FISMA)
  • Security Strategic Planning and Risk Management
  • Web and application based security
  • Encryption (PKI/Kerberos/SSL)
  • Cloud Technologies


An information security or other similar technical certification such as Certified Information Systems Auditor (CISA), Certified Information Systems Security Professional (CISSP) is highly desirable

Skills / Competencies  

  • A degree in Information Systems or equivalent
  • Good knowledge of gaming, hospitality, finance, retail and HR solutions
  • Good knowledge of computer platforms (e.g. AS400, MS Windows, AIX, Linux)
  • Good knowledge of cloud platforms (e.g. AWS, Azure, Alibaba)
  • Good knowledge of the DevOps/DevSecOps methodology, AppSec Stack/AppSec infrastructure, Agile software development and the inclusion of security in the development life cycle
  • Good knowledge of application security vulnerabilities, testing techniques, and the OWASP framework
  • Knowledge of security policies and standards such as ISO 27001, GDPR and PCI-DSS
  • Proven excellence in researching, organizing, writing, and presenting technical information
  • Capacity to work independently and in a team environment, with proven leadership ability and project management skills
  • Must have excellent analytical skills, have the ability to multi-task and have solid project management
  • Ability to understand the relationship between business processes, priorities, risk and their underlying technologies and security risks
  • Ability to keep pace with a fast pace and growing company
  • Achieves agreed objectives and accepts accountability for results
  • Good understanding of IT audit and control principles and design
  • Strong analytical and inter-personal skills to communicate technical information to non-technical background users
  • Fluent in English, Cantonese and Mandarin

To apply or for more information, please visit our website:
Suitable candidates will be invited for an interview within 4 weeks of their application. All information collected will be used for recruitment purposes only.

Additional Information

Career Level
Entry Level
Years of Experience
3 years
Job Type
Full Time, Permanent

Company Overview

Melco Resorts & Entertainment (NASDAQ: MLCO), a leading developer, owner and operator of casino gaming and entertainment resort facilities in Asia.  The Company currently owns and operates City of Dreams, its flagship integrated resort and home to the world’s largest water extravaganza - The House of Dancing Water; Studio City, a cinematically-themed integrated resort; Altira Macau, a Forbes 5-star luxury hotel; and the Mocha Clubs, a series of lifestyle and entertainment clubs in Macau.  In the Philippines, a subsidiary of the Company operates and manages City of Dreams Manila, an integrated resort in the Entertainment City complex in Manila.

Additional Company Information