Manager, Cybersecurity - Winnipeg, Canada - WCB Manitoba

WCB Manitoba

Verified Company

Winnipeg, Canada

1 week ago

Posted by:

Sophia Lee

beBee Recruiter

Description

Job Summary:

The Manager, Cybersecurity & IT Risk Management manages the identification, assessment and mitigation of all security threats and vulnerabilities in the WCB environment.

This position is also responsible to provide leadership and guidance to the Cybersecurity & IT Risk Management team for all management functions of the unit.

This role will be a key member of the WCB Cybersecurity Governance Committee, to assist with developing the cybersecurity strategy, roadmap and cybersecurity programs for WCB.

Job Duties:

MANAGING UNIT
Manages staff and labour relations issues and provides leadership, guidance, support and direction to the unit including: hiring staff, conducting performance reviews and follow up, identifying training and development needs, coaching and motivating staff; and coordinating work activities and deciding on disciplinary action up to and including dismissal where necessary

Fosters the development of a multi-disciplinary team approach

Prepares and manages the unit's budget and is accountable for meeting budget targets and goals

Continuously evaluates, develops/selects, and implements the unit's service delivery operating model, competencies, methods, and tools

Plans, directs, and oversees the management, delivery, and coordination of a portfolio of cybersecurity projects for the unit

Establishes, authorizes, and oversees the implementation of training and development programs for the staff

Cascades branch operational objectives, ensuring staff are meeting established standards and practices and, where necessary, makes improvements to work processes

Ensures all staff are cognizant of, and subscribe to, their responsibilities to protect the confidentiality and privacy of information and addresses any breaches as appropriate

Manage staffing workload allocation, review and approve monthly time tracking for all branch resources and prioritize work against operational objectives and planned commitments

CYBERSECURITY & IT RISK MANAGEMENT

Leads cybersecurity operations and day-to-day cybersecurity activities including patch deployment, vulnerability management, incident response, threat detections, network monitoring and logging, end point protection, demilitarized zone (DMZ) management, etc.

Facilitates Cybersecurity Governance Committee meetings, including assisting the Committee with developing and implementing a cybersecurity strategy, framework, and roadmap that is aligned with WCB priorities

Prepares comprehensive monthly Key Performance Indicators (KPIs) and Key Risk Indicators (KRIs) for the Cybersecurity Governance Committee

Prepares and presents security and IT risk management materials, cybersecurity initiative updates, and compliance reports to WCB senior management and the Cybersecurity Governance Committee

Conducts regular meetings with key stakeholders at IT and enterprise levels to discuss risks, trade-offs, and share relevant knowledge on cybersecurity risks, threats, and initiatives

Partners with business stakeholders to raise awareness of cyber risk management concerns

Develops and implements comprehensive cybersecurity strategies, policies, and procedures to safeguard WCB assets and mitigate risks

Oversees regular IT risk assessments and security audits to identify areas for improvement and ensure compliance with relevant regulations and security standards

Collaborates with cross-functional teams and WCB business stakeholders to integrate security best practices into business processes and technology solutions

Maintains cybersecurity incident response plans; prepares WCB to detect, respond, and recover from cybersecurity incidents; coordinates incident response efforts; and reports on impact, root-cause and post-mortem lessons to Cybersecurity Governance Committee, WCB Executives, and Board of Directors

Acts as the management escalation point for all security incidents

Tracks business case outcomes for cybersecurity related initiatives including cost, benefits, and risk

Represents cybersecurity considerations in architecture decisions and IT initiatives

Manages third-party risk program to address cyber risks existing on third-party systems.

Maintains awareness of emerging cybersecurity threats, technologies, and best practices to continuously enhance WCB's security posture

Fosters a culture of security awareness and accountability throughout the organization

MANAGING SERVICE PROVIDERS
Procures IT services and/or contractors in accordance with WCB standards and practices

Establishes and maintains vendor relationships

Develops a service provider network and manages relationships with contractors, including monitoring performance, service deliverables and achievement of milestones

Qualifications:

Completion of a recognized degree or diploma program in Information Security, Computer Science or an IT related discipline

Minimum ten (10) years Information Technology experience, including minimum five (5) years in Cybersecurity an