Cyber Security Engineer

The Cyber Security Engineer is responsible for the planning, development, design, execution, and support of the operation and integration of cyber security tools and processes to protect Manitoba Liquor & Lotteries (MBLL) from cyber threats. The incumbent plays a lead role in the cyber security design of business and information technology related initiatives, cyber security risk management, and incident response. The position is also responsible for leading the design of innovative security solutions for the organization and evaluating and reporting compliance with various regulatory or contractual requirements. Cyber security engineering is responsible for project and operational related duties that is inclusive of, but is not limited to, MBLL information technology infrastructure, cloud services, First Nation Casinos and other associated technologies, processes and personnel that are managed or operated by MBLL. Duties Evaluate requirements and design the integration for cyber security identified solutions spanning multiple domains. Apply enterprise architecture and system security engineering principles to ensure effective solution design and delivery of real solutions premeditated to enhance MBLL’s security posture. Recommend system and implementation designs that support business owner risk acceptance and do not degrade the security posture of other organizational systems. Implement, configure, and tune security technologies for the enterprise security program in support of business and IT programs/projects for both on premise and cloud solutions such as: Firewalls, WAF, IDS/IPS, secure web gateways/web proxy, IAM solutions, endpoint detection and response solutions (EDR), DLP/FIM, NAC, SIEM and others. Lead in the design of security controls of information systems and facilitate implementation with internal resource or vendors. Evaluate technology for compliance with organizational standards and existing architecture. Create, update, and maintain procedures, standards, and guidelines for secure design, implementation, and operation of information systems and services. Plan, implement, manage, monitor, and upgrade security controls for the protection of the organization's data, systems, and networks. Implement security standards for all aspects of the infrastructure while having a security by design and by default mind set. Participate as a senior technical resource on project teams. Maintain the Payment Card Industry Data Security Standards (PCI-DSS) compliance program through assessments and reviews of existing solutions, self-assessments, vulnerability management, and scope management. Ensure MBLL and First Nation Casino Gaming systems are compliant with the standards set forth by the Liquor, Gaming and Cannabis Authority (LGCA). Evaluate technology for compliance with legal, regulatory, or contractual requirements, organizational standards, and existing architecture. Work with team members and business stakeholders to ensure all stages of the Cyber Security Incident Management Response are covered; Prepare, Detect, Contain, Investigate, Eradicate, Recover, Follow-Up. Perform event and incident triage, threat hunting, and incident response (to include basic malware analysis and forensic investigations). Provide support and technical expertise during incident response and assist with post incident action plan creation. Investigate breaches and implement solid plans of incident response, learning from past shortcomings to create ever more robust security protocols and procedures. Create runbooks for frequently occurring incidents to automate or assist with the handling and resolution of similar future incidents. Develop, maintain, and evolve IT and Cyber Security risk assessment and management practices for use in security evaluations, cloud risk assessments and third-party risk management for existing operations and new initiatives. Perform IT and Cyber Security risk assessments on technology systems and business solutions and create reports for senior management. Operate, maintain and evolve tools and processes that support the cyber security program that includes, but not limited to PKI/Cryptography, secure network and system architecture (SASE/SD-WAN/VPN/ZTA/NextGen FW), IAM, PAM, Vulnerability Management, MITRE ATT&CK®, cloud technologies, SIEM and more. Manage cross-department collaboration and communication to ensure appropriate security processes, procedures, and tools are installed, monitored, and effectively operating and alerting. Assist, train, and mentor other cyber security and ITS team members in the use of security tools, application of security standards, the preparation of security reports and the resolution of security issues. Work with ITS operations teams to implement best practices, remediate, mitigate, and troubleshoot issues. Develop, maintain, and enforce security operations policies, standards, and processes (run books) seeking continuous improvement and driving efficiency. Perform threat, vulnerability, and forensics analysis. As a senior resource, act as the escalation point to aid in troubleshooting security events and issues and execute complex or advanced service requests. Plan, coordinate, or assist in cyber security user awareness program initiatives. Periodic review and assess performance and functionality of the various security controls used in the corporation. Identify threats and develop suitable defense measures, evaluate system changes for security implications, and recommend enhancements, research, and draft cyber security white papers, and provide first-class support to the cyber security operations staff for resolving difficult cyber security issues. Actively monitor and research cyber security threats, always be up to date with a direct or indirect threat landscape that could impact business operations, or technology infrastructure. Conduct and prepare research on assigned and evolving program elements (Incident Response, Payment or Gaming compliance, Security Controls, etc.). Investigate infrastructure requirements, research new products and solutions and provide product and pricing recommendations. Lead, develop, and support cloud-based solutions with appropriate cyber security controls, tools, and design patterns to provide capabilities for identification, detection, prevention, and response to threats related to cloud solutions and any associated integrations to MBLL. Identify and recommend ways to improve security team performance through automation, tooling, or process. Communicate the importance of security to the wider organization in a clear and simple way. Engage appropriate management and communication channels to report any identified potential cyber security, ITS policy, criminal issues or negligence. Other related duties as assigned. Qualifications Completion of a recognized degree or diploma program in a related IT discipline, or an equivalent combination of education, certification, and experience. Certification as a Certified Information Systems Security Professional (CISSP) or SANS professional certification (GIAC). A minimum of ten years progressive information technology experience with a minimum of eight years direct experience specializing in Cyber Security. Experience with the Payment Card Industry Data Security Standards and the application and assessment of those standards as well a certification as a PCI Internal Security Assessor (ISA) or willingness to become certified. Excellent foundational knowledge and experience across multiple cyber security technologies including, but not limited to, Firewalls/VPNs, SIEM, Cloud Technologies, IAM, EDR, M365, Vulnerability Management, Network or Web Application Penetration Testing, PAM, etc. Experience applying and combining different technologies and processes to new or existing business and cyber security systems to creatively resolve technological issues, address vulnerabilities, develop automation, or increase cyber security operational efficiencies. Broad knowledge of complex and leading-edge cyber security and related or supported technology solutions and specific applications coupled with a requirement to develop and maintain knowledge of MBLL’s core businesses and support functions. Requires an in-depth knowledge of core networking principles (switching, routing, OSI, etc.). Must have an in-depth knowledge of gaming compliance requirements. Significant written and verbal communication skills. Strong analytical and organizational skills. Committed to continuous education and recertification to maintain professional certifications and keep current with evolving cyber security technologies, trends, and threats. Have and maintain a valid Manitoba Class 5 Drivers License and access to a reliable vehicle. Experience in scripting languages such as PowerShell, Shell, Python, etc. is considered an asset. Certification as Certified Information Security Manager (CISM) or Certified Information Security Auditor (CISA) is considered an asset. The core competencies for this position include achieving quality results, adaptability/managing change, communication, customer service, decision making and problem solving, integrity and building trust, teamwork and cooperation and valuing diversity. These competencies are deemed important for the success of the position and organization. Secondary Qualifications French/English bilingual skills are an asset. Testing may form part of the screening/selection process. Employment Equity will be a factor in the recruitment process. Circumstances may arise where the bulletin may need to be withdrawn or the number of positions may need to be increased. We thank all interested applicants, however, only those selected for interviews will be contacted. Seniority level Mid-Senior level Employment type Full-time Job function Information Technology Gambling Facilities and Casinos Referrals increase your chances of interviewing at Manitoba Liquor & Lotteries Corporation by 2x Get notified about new Cyber Security Engineer jobs in Winnipeg, Manitoba, Canada . Linux Cryptography and Security Engineer We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI. #J-18808-Ljbffr