Full Time Employment Opportunity
Reporting to the Manager, Information Security, the Senior Information Security Analyst is responsible for the planning, development and operation of various elements of the Manitoba Liquor & Lotteries Information Security program. The incumbent provides a lead role in risk management, incident response and ensuring compliance of information systems with industry and organizational standards. The position is also responsible for leading the design of innovative security solutions for the organization.
Evaluate requirements and design the integration architecture for Information Security identified solutions spanning multiple domains.
Apply Enterprise Architecture principles, standards, and methodology to ensure effective solution design.
Set up complex and custom configurations – considering other domains when defining solutions.
Evaluate technology for compliance with organizational standards and existing architecture.
Analyze applicable data for trends and the creation of a plan to change architecture to adjust to identify trends.
Recommend system and implementation designs that support business owner risk acceptance and do not degrade the security posture of other organizational systems.
Lead in the design of security controls of information systems and facilitate implementation with internal resource or vendors.
Participate as a senior technical resource on project teams.
Perform risk assessments on information systems and create reports for senior management on recommendations for mitigation.
Plan and coordinate user awareness program initiatives.
Maintain the Payment Card Industry Data Security Standards (PCI-DSS) compliance program through assessments and reviews of existing solutions, self-assessments, vulnerability management and scope management.
Ensure Gaming systems are compliant with the standards set forth by the LGA.
Conduct and prepare research on assigned program elements (IRP, PCI-DSS. Security Controls, etc).
Investigate infrastructure requirements, research new products and solutions and provide product and pricing recommendations.
Collaborate with the Security and Human Resources departments regarding employee investigations for unacceptable business behavior and policy violations.
Create and maintain ITS policies and procedures.
Encourage a climate that supports diversity.
Performs other duties as assigned.
Completion of a recognized degree or diploma program in a related IT discipline, or an equivalent combination of education, certification, and experience.
A minimum of six (6) years information infrastructure experience and three years’ direct experience specializing in Information Security.
Certification as a Certified Information Systems Security Professional (CISSP) or SysAdmin, Audit, Networks, Security (SANS) professional certification (GIAC).
Certification as a PCI Internal Security Assessor (ISA). Certification for MBLL may be obtained on the job.
Significant written and verbal communication skills.
Strong analytical and organizational skills.
Recertification and upgrading is required to maintain certifications and keep up-to-date on changes in information technology.
The core competencies for this position include achieving quality results, adaptability/managing change, communication, customer service, decision making and problem solving, integrity and building trust, teamwork and cooperation and valuing diversity. These competencies are deemed important for the success of the position and organization.
Bilingual (French/English) language skills.
Certification as Certified Information Security Manager (CISM) or Certified Information Security Auditor (CISA).
Bargaining Unit: Exempt
Location: Milt Stegall Drive
Individuals should apply by completing our online application form at www.mbll.ca/jobs or by submitting a resume and application to:
Mail: Human Resources
1555 Buffalo Place
Winnipeg, Manitoba R3C 2X1
All applications are due by: January 28, 2019.