Governance Risk,

Is the next step in your career, helping define, implement, and mature Cybersecurity Governance, Risk and Compliance Management Services at a data-driven organization? Are you passionate about identifying opportunities to mitigate risk ?Do you get energized guiding others through processes to identify and manage cybersecurity risks? We are looking for someone with a passion for cybersecurity and who wants to influence our next steps in the ever-evolving cybersecurity landscape.

If this is you, we want to connect.

**The Role**

The Western Canada Lottery Corporation (WCLC) is looking to add a **Cybersecurity Governance Risk, and Compliance (GRC) Analyst** to our Cybersecurity team.

We’re looking for someone who can.
- Support the evolution of the Cybersecurity GRC framework and the design, implementation, and management of supporting services
- and/or support Cybersecurity Risk assessments, 3rd party assessments, and independent controls assessments
- Maintain the cybersecurity risk register based on results of various assessments and ongoing management and monitoring of risks
- Update and maintain cybersecurity standards to align with organizational security policy. Support communication and awareness of these standards across WCLC
- Provide security risk management and internal controls expertise, knowledge, and assistance to control, process, and risk owners
- Support the design, implementation, testing and ongoing reporting on effectiveness of technology controls
- Develop, gather and analyze metrics to measure Cybersecurity program effectiveness.
- Develop and report on key risk indicators, identifying recommendations for risk mitigation based on results.
- Assist in ongoing monitoring and compliance with security policy and standards across the organization
- Supports regulatory, audit and compliance assessments and findings both internally and externally
- Track and report on control deficiencies and exemptions

**Qualifications**
- 5-7 years’ experience within the area of cybersecurity, risk, compliance, and/or governance
- University or College education, preferably computer science related, or equivalent combination of education and experience is considered an asset.
- Professional Designation in IT risk, compliance, or Security such as Certified Information Systems Auditor (CISA), Certified Information Security Manager (CISM), Certified in Risk and Information Systems Control (CRISC) or Certified Information Security Professional (CISSP) is an asset
- Experience with risk assessment methodologies and IT Control Frameworks such as NIST, ISO, PCI, CIS, and COBIT
- Demonstrated ability to translate policies to actionable operational standards and directions.
- Critical thinker with strong problem-solving skills.
- Demonstrated leadership experience with and ability to work independently and within a team environment
- Experience in the fields of IT auditing and technology risk management an asset
- Previous experience using GRC tools
- Experience facilitating and influencing discussions with diverse groups.
- Ability to multi-task and change direction/priorities quickly.
- Excellent organizational, oral and written communication skills.
- Knowledge of the Lottery and Gaming industry is an asset.

**Who we are**

You may not have heard of us before, but you’ve almost certainly heard of the products we help bring to players throughout the Prairie Provinces and the North every day; lottery games like LOTTO 6/49, SPORT SELECT, and dozens of instant scratch tickets.

WCLC is the non-profit organization authorized to manage, conduct, and operate lotteries - at retail and online - and other gaming-related activities for the governments of Alberta, Saskatchewan, and Manitoba as well as the Yukon, Northwest Territories, and Nunavut. We work closely with our provincial partners to bring a first-rate lottery experience to our players and meet their changing needs with new technology and tools.

We know it’s our people that make this possible, which is why we invest in building talented, adaptable, and accountable teams. We’d love to talk to you about how you fit into that.

We offer a challenging, collaborative work environment, competitive benefits, and a good work-life balance.