2+ years' working of experience in a related field.
Requires in depth experience and knowledge of enterprise IT concerns and technologies
Experience with managing a compliance and/or security organization, including planning and executing security policies and standards development
Experience in ISO 27001 latest standard
Experience in Macau Cyber Security Law is a plus
1+ years in information security preferred to include management or administration in least 6 of the following disciplines:
Network Security and firewalls (CCSP/CCIE - Security, CCNA)
Relational Database Security
Remote Access/VPN solutions
Information Security Auditing
Intrusion Detection and Response
Anti-virus systems
Messaging Security
Security policy and procedure development
Windows and Active Directory security
Access management processes
Security benchmarking requirements (CIS)
Security compliance for Regulatory requirements (NERC/SOX/HIPPA/FISMA)
Security Strategic Planning and Risk Management
Web and application based security
Encryption (PKI/Kerberos/SSL)
Cloud Technologies
Education
Bachelor's degree in Management Information System, Computer Science, or related disciplines
An information security or other similar technical certification such as Certified Information Systems Auditor (CISA) and Certified Information Systems Security Professional (CISSP) is highly desirable
Skills / Competencies
Knowledge of security policies, standards, regulatory requirements such as ISO 27001, PCI-DSS, GDPR, MCSL
Fluent in of written and spoken English. Fluency in Cantonese and Mandarin will also be an advantage
Good knowledge of cloud platforms (e.g. AWS, Azure, Alibaba) a plus
Proven excellence in researching, organizing, writing, and presenting technical information via report writing and presentation (PowerPoint, Excel)
Capacity to work independently and in a team environment, with leadership ability and project management skills
Ability to multi-task and have solid project management skills.
Ability to understand the relationship between business processes, priorities, risk and their underlying
technologies and security risks
Ability to keep pace with a fast pace and growing company
Strong analytical and inter-personal skills to communicate technical information to non-technical background
users
PERSONAL COMPETENCIES:
Displays a high commitment to delivering results
Leads others to achieve business objectives
Communicates effectively
Displays the highest level of integrity
Ability to maintain discretion
Self-motivated
Approachable
Benefits
Remote work options
Additional Information
REQ13921 Analyst, Information Security (Compliance) (Open Date: 19/01/2026)
POSITION SUMMARY:
As an Analyst, Information Security (Compliance) you will be part of Team focusing adherence to Macau Cyber Security Law (MCSL), ISO27001 (latest) standard, regulatory requirements, and in-house policies.
PRIMARY RESPONSIBILITIES:
Ensure Melco Information Security Policy is compliant with Macau Cyber Security Law (MCSL) and to carried out required activities accordingly.
Enforce Melco Information Security Policy based on industrial standards (e.g. ISO27001 latest) and best practices across all Melco properties and locations
Oversee security control systems to prevent or deal with violation of Information Security Policies and Standards
Review and revise Information Security policies, procedures, standards and checklists periodically to ensure compliance to the latest standards and best practices
Coordinate/support an information security awareness program to deliver risk communication, awareness and training for audiences, which may range from senior leaders to field staff
Coordinate/support internal/external audit activities; perform annual internal audit in conjunction with internal policy, regulation and governance. Ensure audit findings and corrective actions are closed out accordingly
Review change/service request tickets in ticketing system within agreed SLA
Remain informed on current standards, trends and issues in the information security industry
Ensure cloud product (e.g. AWS, Azure, Alibaba) compliance to an array of cyber-security industry frameworks
Support Information Security Operation Calendar activities
Produce required dashboard for management reviews (e. Compliance, Vulnerability reports)
Melcoresorts · Studio City