Manager, Information Security - Winnipeg, Canada - Manitoba Liquor and Lotteries

Manitoba Liquor and Lotteries

Verified Company

Winnipeg, Canada

3 weeks ago

Posted by:

Sophia Lee

beBee Recruiter

Description

Full Time Employment Opportunity
COMPETITION #MLL020/23-24

Reporting to the Director, Cyber Security, the Manager, Information Security is responsible for providing leadership and direction in the creation, development, implementation, and management of a comprehensive Information Security (IS) strategy and associated program.

The incumbent influences behaviour within the organization to ensure that information assets are protected.

Duties:

Research and develop strategic program elements for ITS Security Strategic Direction and ensure alignment and support with Manitoba Liquor and Lotteries' (MBLL) Technology Roadmap.
Manage the development of a secure, confidential, reliable, and available computing environment. Plan and maintain cyber security controls, processes, and systems in accordance with their respective lifecycles.
Oversee and maintain security standards, practices, and assessments for cyber security maturity as well as compliance with gaming and payment card industry standards.
Ensure information security requirements are considered for all ITS projects.
Develop, manage, and maintain the cyber security operational and capital budgets.
Balance resourcing requirements for cyber security staff and contractors for both project (business and IT) and security operations.
Ensure adequate risk management assessments and acceptances are performed for all security issues.
Function as the Incident Manager for cyber security incidents and lead the Computer Security Incident Response Team (CSIRT) in incident handling and resolution of cyber security incidents.
Collaborate with the Corporate Security or Human Resources departments regarding investigations.
Ensure that appropriate levels of technical security exist for all systems across all platforms supported by MBLL.
Train, coach, and develop staff on security and safetyrelated programs and procedures.
Lead the planning, implementation, and operation of strategic program elements including security incident response and the Information Security awareness and education program.
Provide leadership through solid people management practices.
Recruit, manage, coach, and evaluate the performance of employees.
Ensure that department employees provide excellent customer service.
Provide training, guidance, and direction. Ensure positive morale and motivation of employees.
Resolve problems and issues, and provide conflict resolution in a sensitive, confidential, and professional manner.
Determine, where required, staff discipline/corrective action within established policies/related documentation.
Champion Corporate Responsibility (CR) by integrating CR practices into products, plans and work practices and by assessing the business and customer risks and opportunities associated with gambling, liquor, and cannabis products, as relevant.
Ensure all applicable policies and procedures are understood and adhered to by all employees.
Carry out all required duties and responsibilities of a supervisor of workers, as outlined under provincial safety and health legislation.
Provide direct and/or functional supervision to contract staff. Recruit, manage and evaluate the performance of cyber security contract staff.
Track resourcing requirements for IT divisional and business project work measuring and forecasting capacity and availability and solve resource deficiencies.

Primary Qualifications:

Completion of a recognized degree or diploma program in an IT related discipline, or an equivalent combination of education, certification, and experience.
Certification as a Certified Information Systems Security Professional (CISSP), or willingness to be certified. Once certified must maintain certification.
A minimum of ten years progressively responsible experience in an information systems function, with a minimum of three years at a supervisory level, ideally gained in the gaming/liquor distribution sales industry.
A minimum of seven years' experience with information security environment including security standards and best practices. e.g. PCI / NIST / ISO 2700
Demonstrated management experience with a view to efficiency, strong leadership and organizational skills, adoption of best practices, strong initiative and ability as a selfstarter, excellent human resource management and labour relations skills, and planning and managing budgets.
Demonstrated project management skills in an Information Systems environment.
Proficiency in Microsoft 365 (Word, Excel, PowerPoint, Outlook, OneDrive, and Teams).
Experience drafting business cases, RFP requirements, and evaluating responses for related technologies and services.
Excellent oral and written communication skills, including presentation skills, meeting facilitation, and influencing.
Lifelong learning, in developing innovative ways of acquiring and transferring knowledge in complex circumstances.
Recertification and upgrading is required t