Information Security Technician
Top Benefits
About the role
***All Manitoba Liquor & Lotteries employees may apply.***Manitoba Liquor and Lotteries is committed to Diversity, Equity and Inclusion. We strive to hire a workforce that reflects the community we serve. Employment equity will be considered therefore applicants who identify as women, Indigenous people, members of racialized groups, and persons with a disability are encouraged to apply.
If you require an accommodation at any time during the recruitment process, please let us know how we can meet your needs.
##Job Purpose
Reporting to Manager, Information Security, the Information Security Technician is responsible for providing security consultation and operational support within the Information Security Department. This role is responsible for the systems that provide Information Security and protect Manitoba Liquor & Lotteries (MBLL) from Cyber Threats. The position will support all aspects of the Security Program, consult and review complex security assessments, provide specialized security expertise inclusive of, but not limited to MBLL Information Technology Infrastructure, Cloud Services, First Nation Casinos and other associated technologies, processes and personnel that are managed or operated by MBLL.
##Job Responsibilities
Cyber Security Operations
- Support all aspects of the MBLL’s information security program, including but not limited to Vulnerability Management, Security Events Information Management (SIEM), Endpoint Detection & Response (EDR), Incident Response, PKI/Cryptography, Identity & Access Management (IAM), Privileged Access Management (PAM), Virtual Private Networks (VPN), secure remote access and authentication, file system monitoring, security awareness training and communications, and cloud technologies.
- Respond promptly to support requests (including service tickets, phone calls, emails, etc.) directed to the Information Security Department.
- Execute the daily information security runbook tasks, resolve notable issues or escalate to appropriate support staff.
- Develop, maintain, and enforce security operations policies, standards, and processes seeking continuous improvement and improved efficiency.
- Support projects and initiatives within the Information Security Department to maintain technical currency or to implement new cyber security capabilities.
- Work closely with ITS technical teams to ensure cyber security controls, best practices, and mitigation strategies are effectively implemented and maintained.
- Communicate discovered vulnerabilities and provide recommendations on mitigation to appropriate support staff and management.
- Periodic reviews and audits of information systems to ensure functionality of controls, appropriate security policy, standards, and regulatory compliance are in place.
- Develop insightful analysis and reporting of information security metrics, such as network traffic and firewall anomalies, phishing attempts, and patch management and vulnerability exposure.
- Conduct file integrity monitoring and reporting of gaming systems and retail operations.
- Conduct confidential cyber security investigations as requested by MBLL management.
- This position requires participation in an on-call rotation, providing after-hours support to address urgent and critical security issues as they arise.
Cyber Security Incident Response
- Support technical investigations of information security incidents by following information security incident response plans and playbooks for detection, identification, analysis, investigation, response and recovery.
- Support eradication and mitigation activities with business and IT partners for security incident recovery related to IT or business application / infrastructure security incident.
- Perform threat, vulnerability, and forensics analysis. Continuously monitor and evaluate security events, vulnerabilities, and exploits.
- Actively monitor information security technologies used by MBLL and respond to detected malicious or suspicious events.
- Contribute to and support the development of incident response plans and playbooks and participate in validation activities with table-top exercises and simulations.
Project and Administrative Duties
- Represent the Information Security Department on business project teams and act as a risk advisor. Conduct risk analysis and advise project teams on cyber security risk and related mitigations and best practices in alignment with MBLL’s risk assessments and third-party risk management practices.
- Participates in information security architecture and system design development, ensuring that all activities adhere to MBLL’s information security principles, standards, and processes.
- Participate in the development of information security policies that support the security strategy and corporate business objectives.
- Provide information required for the budgeting process, monitor spending, and use technical knowledge to ensure that resources required for projects and systems maintenance are utilized efficiently and responsibly.
- Other related duties as assigned.
##Primary Qualifications
- Completion of a recognized degree or a two-year college diploma in Computer Science or IT discipline, or an equivalent combination of education or certification and experience.
- A minimum of three years of information technology experience in a system/platform support role with experience in an information security role preferred.
- Strong communication and interpersonal skills.
- Experience and proficiency in Microsoft 365 (Word, Excel, PowerPoint, Teams and Outlook)
- Have and maintain a valid Manitoba Class 5 Driver's License and access to a reliable vehicle.
- The core competencies for this position include achieving quality results, adaptability/managing change, communication, customer service, decision making and problem solving, integrity and building trust, teamwork and cooperation and valuing diversity. These competencies are deemed important for the success of the position and organization.
##Secondary Qualifications
-
Professional information security certifications such as ISC CC, CISSP, CISM, CRISC, OSCP, GPE, SANS GIAC, etc. would be an asset.
-
Vendor training certifications for cyber security and other related products to support the administration and operations of firewalls, security event monitoring, EDR, Microsoft Suite, Cloud Administration, networking, or other products would be an asset.
-
Foundational knowledge and experience across multiple cyber security technologies is an asset, including but not limited to: Firewalls/VPNs, SIEM, Cloud Technologies, IAM, EDR, M365, Vulnerability Management, Network or Web Application Penetration Testing, PAM, etc.
-
Knowledge of PCI and gaming-industry regulatory requirements and their potential impact on the organization from an information security perspective would be an asset.
-
Experience in scripting languages such as PowerShell or Python.
-
Demonstrated record of continuing cyber security education and certifications. Committed to continuous education and recertification to maintain professional certifications and keep current with evolving cyber security technologies, trends, and threats.
-
Possess an understanding of cyber security concepts, controls, frameworks and standards including NIST and ISO.
***Testing may form part of the screening/selection process. Employment Equity will be a factor in the recruitment process. Circumstances may arise where the bulletin may need to be withdrawn or the number of positions may need to be increased depending on the Collective Agreement.
We thank all interested applicants, however, only those selected for interviews will be contacted.
A Great Place to Work! Enjoy fantastic benefits with our Total Rewards package
Work/Life Balance and Wellness
-**Discretionary Time:**Up to 10 paid discretionary leave days per year, depending on bargaining unit. Employees can carry forward discretionary leave days each year for a total of up to 50 days. -**Hybrid Work Model for Eligible Positions:**Remote/Office work for eligible positions. -**Flex Time:**Flexible shifts and work hours for eligible positions. -**Maternity and Parental Leave:**Top-up of E.I. maternity leave benefits to 93% of employee’s basic earnings for 17 weeks. -**Fitness Allowance Reimbursement, depending on bargaining unit:**Up to $250 per year that can be used to cover gym memberships, fitness equipment, and more. -**Computer Purchase /Fitness Purchase Program:**Interest free loans for employees purchasing computer equipment to increase computer literacy, learning, and professional growth, or to purchase fitness equipment for personal health and wellness. -**Diversity and Inclusion:**Our Diversity, Equity and Inclusion Committee is made up of employees from across the organization who are passionate about bringing diversity and inclusion to life. -**The Together Project:**At Liquor & Lotteries, Caring is part of our corporate culture - we care for each other, our partners, and our community The Together Project represents the charitable efforts of the corporation and its employees working together to enrich the lives of Manitobans. Employee charitable activities are eligible for reward benefits.
Vacation
- Accrue up to 10 paid vacation days per year during the first 2 years of employment.
- Accrue 15 paid vacation days per year after 3 years of employment.
- Accrue 20 paid vacation days per year after 5 years of employment.
- Accrue 25 paid vacation days per year after 9 years of employment.
- Accrue 30 paid vacation days per year after 19 years of employment.
Retirement Savings Plan
- Defined Benefit Pension Plan: Guaranteed lifelong monthly payment at retirement provides great security for employee’s long-term strategy.
- Voluntary Group Registered Retirement Savings Plan
Health Insurance and Benefits
- Customize your Plan: Choose from a variety of options to best fit your needs. Includes coverage for prescription drugs, vision, dental, ambulance, extended health options and more for you and your eligible dependents. Health Spending Account: Depending on the option you choose, you may receive up to $1,750 towards eligible medical or dental expenses.
Flex Credit: Depending on the bargaining unit and status, you may be provided with a Flex Credit amount to purchase some or all of Group Life Insurance, Accidental Death and Disablement Insurance & Dependent Life Insurance.
World-wide Travel Health Benefits
Employee & Family Assistance Program (EFAP): Free professional wellness support for employees and their immediate family member
Training and Development
- Educational Assistance: Tuition reimbursement for eligible employees.
- Training: Variety of courses and programs to support skill and professional development.
- Career progression: Internal job posting system that provides opportunities for a variety of career paths.
- Apprenticeship and skilled trade training: Programs offered in partnership with educational institutions such as RRC Polytech, the University of Winnipeg, and the University of Manitoba.
Discounts and Rewards
- Employee Rewards & Recognition Program: Points-based program recognizing employees for earned and nominated achievements such as long-service, going above and beyond, and community volunteer work.
- Discounts: Employees receive exclusive discounts from a variety of retailers, entertainment venues, and service providers.
About Manitoba Liquor & Lotteries
Manitoba Liquor & Lotteries is a Crown corporation of the Province of Manitoba with the purpose to enrich the lives of Manitobans. We distribute and sell liquor, provide gaming and entertainment experiences, and source and distribute non-medical cannabis to retailers in the province, all in a socially responsible manner.
Our profits go to the Province of Manitoba's general revenue and support priority programming in areas like health care, education, social and community services. Two per cent of anticipated annual net income is committed towards responsible gambling, responsible liquor and cannabis consumption, and research and treatment programs.
We operate Club Regent Casino, McPhillips Station Casino and PlayNow.com. The province's VLT network, managed through our Morris office, supports the province's hotel and restaurant industry. We distribute and sell Western Canada Lottery Corporation products through our network of privately-owned lottery ticket retailers.
One of the largest single buyers of beverage alcohol in the world, Manitoba Liquor & Lotteries brings an incredible array of products into our province from over 50 different countries. As a retailer, we operate 63 Liquor Mart and Liquor Mart Express stores throughout the province. As the wholesaler and distributor of liquor for the province, the corporation's distribution centre serves more than 1,700 commercial customers across Manitoba including privately-owned liquor vendors, duty-free stores, and specialty wine stores.
We source and distribute non-medical cannabis to privately-owned retailers in Manitoba. Our province uses a direct distribution model that sees cannabis ship directly from Canadian producers to retailers.
Similar jobs you might like
Information Security Technician
Top Benefits
About the role
***All Manitoba Liquor & Lotteries employees may apply.***Manitoba Liquor and Lotteries is committed to Diversity, Equity and Inclusion. We strive to hire a workforce that reflects the community we serve. Employment equity will be considered therefore applicants who identify as women, Indigenous people, members of racialized groups, and persons with a disability are encouraged to apply.
If you require an accommodation at any time during the recruitment process, please let us know how we can meet your needs.
##Job Purpose
Reporting to Manager, Information Security, the Information Security Technician is responsible for providing security consultation and operational support within the Information Security Department. This role is responsible for the systems that provide Information Security and protect Manitoba Liquor & Lotteries (MBLL) from Cyber Threats. The position will support all aspects of the Security Program, consult and review complex security assessments, provide specialized security expertise inclusive of, but not limited to MBLL Information Technology Infrastructure, Cloud Services, First Nation Casinos and other associated technologies, processes and personnel that are managed or operated by MBLL.
##Job Responsibilities
Cyber Security Operations
- Support all aspects of the MBLL’s information security program, including but not limited to Vulnerability Management, Security Events Information Management (SIEM), Endpoint Detection & Response (EDR), Incident Response, PKI/Cryptography, Identity & Access Management (IAM), Privileged Access Management (PAM), Virtual Private Networks (VPN), secure remote access and authentication, file system monitoring, security awareness training and communications, and cloud technologies.
- Respond promptly to support requests (including service tickets, phone calls, emails, etc.) directed to the Information Security Department.
- Execute the daily information security runbook tasks, resolve notable issues or escalate to appropriate support staff.
- Develop, maintain, and enforce security operations policies, standards, and processes seeking continuous improvement and improved efficiency.
- Support projects and initiatives within the Information Security Department to maintain technical currency or to implement new cyber security capabilities.
- Work closely with ITS technical teams to ensure cyber security controls, best practices, and mitigation strategies are effectively implemented and maintained.
- Communicate discovered vulnerabilities and provide recommendations on mitigation to appropriate support staff and management.
- Periodic reviews and audits of information systems to ensure functionality of controls, appropriate security policy, standards, and regulatory compliance are in place.
- Develop insightful analysis and reporting of information security metrics, such as network traffic and firewall anomalies, phishing attempts, and patch management and vulnerability exposure.
- Conduct file integrity monitoring and reporting of gaming systems and retail operations.
- Conduct confidential cyber security investigations as requested by MBLL management.
- This position requires participation in an on-call rotation, providing after-hours support to address urgent and critical security issues as they arise.
Cyber Security Incident Response
- Support technical investigations of information security incidents by following information security incident response plans and playbooks for detection, identification, analysis, investigation, response and recovery.
- Support eradication and mitigation activities with business and IT partners for security incident recovery related to IT or business application / infrastructure security incident.
- Perform threat, vulnerability, and forensics analysis. Continuously monitor and evaluate security events, vulnerabilities, and exploits.
- Actively monitor information security technologies used by MBLL and respond to detected malicious or suspicious events.
- Contribute to and support the development of incident response plans and playbooks and participate in validation activities with table-top exercises and simulations.
Project and Administrative Duties
- Represent the Information Security Department on business project teams and act as a risk advisor. Conduct risk analysis and advise project teams on cyber security risk and related mitigations and best practices in alignment with MBLL’s risk assessments and third-party risk management practices.
- Participates in information security architecture and system design development, ensuring that all activities adhere to MBLL’s information security principles, standards, and processes.
- Participate in the development of information security policies that support the security strategy and corporate business objectives.
- Provide information required for the budgeting process, monitor spending, and use technical knowledge to ensure that resources required for projects and systems maintenance are utilized efficiently and responsibly.
- Other related duties as assigned.
##Primary Qualifications
- Completion of a recognized degree or a two-year college diploma in Computer Science or IT discipline, or an equivalent combination of education or certification and experience.
- A minimum of three years of information technology experience in a system/platform support role with experience in an information security role preferred.
- Strong communication and interpersonal skills.
- Experience and proficiency in Microsoft 365 (Word, Excel, PowerPoint, Teams and Outlook)
- Have and maintain a valid Manitoba Class 5 Driver's License and access to a reliable vehicle.
- The core competencies for this position include achieving quality results, adaptability/managing change, communication, customer service, decision making and problem solving, integrity and building trust, teamwork and cooperation and valuing diversity. These competencies are deemed important for the success of the position and organization.
##Secondary Qualifications
-
Professional information security certifications such as ISC CC, CISSP, CISM, CRISC, OSCP, GPE, SANS GIAC, etc. would be an asset.
-
Vendor training certifications for cyber security and other related products to support the administration and operations of firewalls, security event monitoring, EDR, Microsoft Suite, Cloud Administration, networking, or other products would be an asset.
-
Foundational knowledge and experience across multiple cyber security technologies is an asset, including but not limited to: Firewalls/VPNs, SIEM, Cloud Technologies, IAM, EDR, M365, Vulnerability Management, Network or Web Application Penetration Testing, PAM, etc.
-
Knowledge of PCI and gaming-industry regulatory requirements and their potential impact on the organization from an information security perspective would be an asset.
-
Experience in scripting languages such as PowerShell or Python.
-
Demonstrated record of continuing cyber security education and certifications. Committed to continuous education and recertification to maintain professional certifications and keep current with evolving cyber security technologies, trends, and threats.
-
Possess an understanding of cyber security concepts, controls, frameworks and standards including NIST and ISO.
***Testing may form part of the screening/selection process. Employment Equity will be a factor in the recruitment process. Circumstances may arise where the bulletin may need to be withdrawn or the number of positions may need to be increased depending on the Collective Agreement.
We thank all interested applicants, however, only those selected for interviews will be contacted.
A Great Place to Work! Enjoy fantastic benefits with our Total Rewards package
Work/Life Balance and Wellness
-**Discretionary Time:**Up to 10 paid discretionary leave days per year, depending on bargaining unit. Employees can carry forward discretionary leave days each year for a total of up to 50 days. -**Hybrid Work Model for Eligible Positions:**Remote/Office work for eligible positions. -**Flex Time:**Flexible shifts and work hours for eligible positions. -**Maternity and Parental Leave:**Top-up of E.I. maternity leave benefits to 93% of employee’s basic earnings for 17 weeks. -**Fitness Allowance Reimbursement, depending on bargaining unit:**Up to $250 per year that can be used to cover gym memberships, fitness equipment, and more. -**Computer Purchase /Fitness Purchase Program:**Interest free loans for employees purchasing computer equipment to increase computer literacy, learning, and professional growth, or to purchase fitness equipment for personal health and wellness. -**Diversity and Inclusion:**Our Diversity, Equity and Inclusion Committee is made up of employees from across the organization who are passionate about bringing diversity and inclusion to life. -**The Together Project:**At Liquor & Lotteries, Caring is part of our corporate culture - we care for each other, our partners, and our community The Together Project represents the charitable efforts of the corporation and its employees working together to enrich the lives of Manitobans. Employee charitable activities are eligible for reward benefits.
Vacation
- Accrue up to 10 paid vacation days per year during the first 2 years of employment.
- Accrue 15 paid vacation days per year after 3 years of employment.
- Accrue 20 paid vacation days per year after 5 years of employment.
- Accrue 25 paid vacation days per year after 9 years of employment.
- Accrue 30 paid vacation days per year after 19 years of employment.
Retirement Savings Plan
- Defined Benefit Pension Plan: Guaranteed lifelong monthly payment at retirement provides great security for employee’s long-term strategy.
- Voluntary Group Registered Retirement Savings Plan
Health Insurance and Benefits
- Customize your Plan: Choose from a variety of options to best fit your needs. Includes coverage for prescription drugs, vision, dental, ambulance, extended health options and more for you and your eligible dependents. Health Spending Account: Depending on the option you choose, you may receive up to $1,750 towards eligible medical or dental expenses.
Flex Credit: Depending on the bargaining unit and status, you may be provided with a Flex Credit amount to purchase some or all of Group Life Insurance, Accidental Death and Disablement Insurance & Dependent Life Insurance.
World-wide Travel Health Benefits
Employee & Family Assistance Program (EFAP): Free professional wellness support for employees and their immediate family member
Training and Development
- Educational Assistance: Tuition reimbursement for eligible employees.
- Training: Variety of courses and programs to support skill and professional development.
- Career progression: Internal job posting system that provides opportunities for a variety of career paths.
- Apprenticeship and skilled trade training: Programs offered in partnership with educational institutions such as RRC Polytech, the University of Winnipeg, and the University of Manitoba.
Discounts and Rewards
- Employee Rewards & Recognition Program: Points-based program recognizing employees for earned and nominated achievements such as long-service, going above and beyond, and community volunteer work.
- Discounts: Employees receive exclusive discounts from a variety of retailers, entertainment venues, and service providers.
About Manitoba Liquor & Lotteries
Manitoba Liquor & Lotteries is a Crown corporation of the Province of Manitoba with the purpose to enrich the lives of Manitobans. We distribute and sell liquor, provide gaming and entertainment experiences, and source and distribute non-medical cannabis to retailers in the province, all in a socially responsible manner.
Our profits go to the Province of Manitoba's general revenue and support priority programming in areas like health care, education, social and community services. Two per cent of anticipated annual net income is committed towards responsible gambling, responsible liquor and cannabis consumption, and research and treatment programs.
We operate Club Regent Casino, McPhillips Station Casino and PlayNow.com. The province's VLT network, managed through our Morris office, supports the province's hotel and restaurant industry. We distribute and sell Western Canada Lottery Corporation products through our network of privately-owned lottery ticket retailers.
One of the largest single buyers of beverage alcohol in the world, Manitoba Liquor & Lotteries brings an incredible array of products into our province from over 50 different countries. As a retailer, we operate 63 Liquor Mart and Liquor Mart Express stores throughout the province. As the wholesaler and distributor of liquor for the province, the corporation's distribution centre serves more than 1,700 commercial customers across Manitoba including privately-owned liquor vendors, duty-free stores, and specialty wine stores.
We source and distribute non-medical cannabis to privately-owned retailers in Manitoba. Our province uses a direct distribution model that sees cannabis ship directly from Canadian producers to retailers.