×
Apply for Jobs Apply for Jobs Post a Job Post a Job Local Jobs Home
Register Here to Apply for Jobs or Post Jobs. X
More jobs:
Cybersecurity Information Security IT Business Analyst Data Security

Governance Risk & Compliance Manager

Job in Las Vegas, Clark County, Nevada, 89105, USA
Listing for: Boyd Gaming
Full Time position
Listed on 2025-11-25
Job specializations:
  • IT/Tech
    Cybersecurity, Information Security, IT Business Analyst, Data Security
Salary/Wage Range or Industry Benchmark: 60000 - 80000 USD Yearly USD 60000.00 80000.00 YEAR
Job Description & How to Apply Below

The Manager for Governance Risk and Compliance will lead and strengthen Boyd Gaming programs that support enterprise risk management with an emphasis on technology risk, third party risk, policy governance, policy exception oversight, and issue management. The role ensures that risks are identified, evaluated, communicated, and appropriately addressed across the organization, collaborating with technology and business teams to maintain alignment with internal expectations and external regulatory requirements while supporting broader GRC functions when needed.

Job Description Risk Management
  • Serve as the primary subject matter expert for technology and cyber risks and advise stakeholders on effective risk identification, analysis, documentation, and treatment.
  • Lead enterprise technology risk assessments including annual and ongoing risk evaluation activities.
  • Maintain and improve the enterprise risk register including trend analysis, aggregation, remediation monitoring, and reporting for leadership.
  • Partner with technology teams to define appropriate risk responses and ensure adherence to the risk management process.
  • Evaluate the effectiveness of existing risk controls and recommend enhancements.
  • Support other risk-related activities as needed.
Third Party Risk Management
  • Lead the assessment of risks related to vendors, contractors, service providers, and other external partners.
  • Evaluate third party security documentation including SOC reports and other independent validation reports.
  • Coordinate follow-up with vendors and internal stakeholders on identified third party risks and required remediation.
  • Maintain third party risk records and provide reporting to technology and business leadership.
  • Support the integration of third‑party risk management activities into procurement and contract processes.
Policy Management
  • Oversee the development, approval, publication, and ongoing review of technology policies, standards, and procedures.
  • Ensure policy content aligns with risk management outcomes, regulatory requirements, and applicable control frameworks such as NIST CSF.
  • Partner with process owners and technology leaders to ensure policy expectations are understood and implemented.
  • Develop and maintain policy governance metrics and reporting.
Policy Exceptions
  • Lead the formal policy exception program including intake, evaluation, and decision support.
  • Review exception requests for risk impact and recommend appropriate time‑bound conditions, compensating controls, or mitigation actions.
  • Maintain accurate documentation of exception approvals, expirations, and follow‑up requirements.
  • Provide reporting on exception trends for leadership review.
Issue Management
  • Maintain a centralized inventory of issues identified through audits, assessments, risk reviews, and compliance activities.
  • Partner with process owners to define corrective action plans that address root causes and prevent recurrence.
  • Validate remediation evidence to ensure closure activities meet requirements.
  • Monitor remediation timelines and elevate delays when necessary.
  • Provide reporting on issue trends and progress for leadership.
Security Governance
  • Participate in the creation and review of technology‑related governance documents and support alignment with best‑practice frameworks.
  • Provide guidance during procurement, project planning, and product review processes to ensure compliance with internal policies and regulatory expectations.
  • Support development and assessment of GRC metrics.
  • Support the information security awareness program, including targeted training and required annual content.
  • Assist with governance‑related activities as needed.
Compliance
  • Support proactive readiness with process and control owners in advance of technology audits and regulatory assessments.
  • Facilitate audit and assessment requests, including evidence collection and coordination with internal and external teams.
  • Evaluate the adequacy of control design and operation relative to regulatory obligations and internal standards.
  • Assist in the completion and documentation of compliance reviews.
  • Support other technology compliance duties as needed.
Team Development
  • Develop and implement succession…
To View & Apply for jobs on this site that accept applications from your location or country, tap the button below to make a Search.
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
 
 
 
Search for further Jobs Here:
(Try combinations for better Results! Or enter less keywords for broader Results)
Location
Increase/decrease your Search Radius (miles)

Job Posting Language
Employment Category
Education (minimum level)
Filters
Education Level
Experience Level (years)
Posted in last:
Salary
Advanced Search