Manager, Bt Security and Compliance - Edmonton, Canada - SNDL

SNDL

Verified Company

Edmonton, Canada

2 weeks ago

Posted by:

Sophia Lee

beBee Recruiter

Description

Job Title
Manager, BT Security and Compliance
Job Description
About SNDL

About the Role

Reporting to the Vice President of Business Technology Operations, the Manager, Business Technology (BT) Security and Compliance is responsible for leading the day-to-day operations and continuous improvement of a 24x7x365 BT Security & Compliance team for all SNDL Business Units and banners.

This position will be responsible for designing, maintaining, configuring, troubleshooting, auditing, and documenting the status of all security and compliance controls.

The position supports the organization's technology needs to provide a robust, secure, and reliable computing environment.

Key Attributes:

Spirited team leader with a talent for motivating local and remote teams.
Strong communicator. When you speak, others are interested in listening.
Strategic thinker, and always find yourself at least a step ahead
You handle even the tightest deadlines and highpressure situations with a cool head and clear vision.
Collaborative mindset with a knack for simplifying complex problems.
Proactive approach to addressing security risks and compliance challenges.
Relatable and exceptional at building relationships with key stakeholders.

Role and responsibilities include, but are not limited to:

General Responsibilities_
Provide leadership, direction, guidance, and supervision to both Security and Compliance analysts.
Work with team members to ensure their S.M.A.R.T. objectives align with the business directives. Establish a cadence for review, constant improvement, and expectation setting.
Establish clear responsibilities and expectations on tasks and projects, with planned followup on your teams' deliverables, including your own. Use a project management mindset to foster accountability and highquality output.
Foster a supportive work environment. As a Manager, you will be encouraged to promote team building and opendoor communication. You will also play a crucial role in informing your team of largescale business changes and how they impact their work, ensuring they feel supported and confident in their roles.
Mentor team members in their respective disciplines and assist in continuous growth and development.
Collaborate with BT teams and other related organizational departments to develop and maintain incident response plans to effectively address and mitigate security incidents such as breaches, data leaks, cyberattacks, etc.
Monitor industry developments, regulatory changes, and emerging technology compliance and security best practices to assist with implementing improvements to the organization's IT compliance and security programs accordingly.
Work closely with other departments, including BT, Legal, Regulatory and Compliance, Internal Audit, Human Resources and Risk/Loss Management, to address compliancerelated issues and ensure a coordinated approach to compliance efforts.
Security-Related Skills and Initiatives_
Technology Policy Development_: Develop and enforce security policies, procedures, and guidelines in alignment with industry standards and regulatory requirements.
Risk Assessment_: Identify, assess, and prioritize security risks and vulnerabilities within the organization's technology systems and networks.
Security Awareness Training_: Conduct security awareness training programs to educate employees about best practices for data protection, password security, phishing awareness, and other relevant topics.
Compliance_: Ensure compliance with relevant data protection laws, regulations, and industry standards (e.g., GDPR, PCI DSS).
Security Tools Management_: Oversee the selection, deployment, and management of security tools and technologies such as firewalls, intrusion detection/prevention systems (IDS/IPS), antivirus software, encryption tools, and security information and event management (SIEM) systems.
Vulnerability Management_: Implement processes for identifying, prioritizing, and remediating security vulnerabilities across the organization's IT infrastructure.
Security Audits and Assessments_: Conduct regular security audits and assessments to evaluate security controls' effectiveness and identify areas for improvement.
Collaboration_: Collaborate with crossfunctional teams, including IT, legal, compliance, and business units, to ensure a holistic approach to security and compliance.
Budgeting and Resource Management_: Develop and manage the security budget, allocate resources effectively, and invest strategically in security initiatives.
Continuous Improvement_: Stay informed about emerging threats, technologies, and best practices in cybersecurity, and continuously improve the organization's security posture.
Technology Compliance-Related Skills and Initiatives_
Regulatory Compliance_: Stay abreast of relevant laws, regulations, and industry standards relating to technology and data management (e.g., GDPR, Sarbanes Oxley (SOX), PCI DSS)