Information Security Technician

Reporting to Manager, Information Security, the Information Security Technician is responsible for providing security consultation and operational support within the Information Security Department. This role is responsible for the systems that provide Information Security and protect Manitoba Liquor & Lotteries (MBLL) from Cyber Threats. The position will support all aspects of the Security Program, consult and review complex security assessments, provide specialized security expertise inclusive of, but not limited to MBLL Information Technology Infrastructure, Cloud Services, First Nation Casinos and other associated technologies, processes and personnel that are managed or operated by MBLL. Cyber Security Operations Support all aspects of the MBLL's information security program, including but not limited to Vulnerability Management, Security Events Information Management (SIEM), Endpoint Detection & Response (EDR), Incident Response, PKI/Cryptography, Identity & Access Management (IAM), Privileged Access Management (PAM), Virtual Private Networks (VPN), secure remote access and authentication, file system monitoring, security awareness training and communications, and cloud technologies. Respond promptly to support requests (including service tickets, phone calls, emails, etc.) directed to the Information Security Department. Execute the daily information security runbook tasks, resolve notable issues or escalate to appropriate support staff. Develop, maintain, and enforce security operations policies, standards, and processes seeking continuous improvement and improved efficiency. Support projects and initiatives within the Information Security Department to maintain technical currency or to implement new cyber security capabilities. Work closely with ITS technical teams to ensure cyber security controls, best practices, and mitigation strategies are effectively implemented and maintained. Communicate discovered vulnerabilities and provide recommendations on mitigation to appropriate support staff and management. Periodic reviews and audits of information systems to ensure functionality of controls, appropriate security policy, standards, and regulatory compliance are in place. Develop insightful analysis and reporting of information security metrics, such as network traffic and firewall anomalies, phishing attempts, and patch management and vulnerability exposure. Conduct file integrity monitoring and reporting of gaming systems and retail operations. Conduct confidential cyber security investigations as requested by MBLL management. This position requires participation in an on-call rotation, providing after-hours support to address urgent and critical security issues as they arise. Cyber Security Incident Response Support technical investigations of information security incidents by following information security incident response plans and playbooks for detection, identification, analysis, investigation, response and recovery. Support eradication and mitigation activities with business and IT partners for security incident recovery related to IT or business application / infrastructure security incident. Perform threat, vulnerability, and forensics analysis. Continuously monitor and evaluate security events, vulnerabilities, and exploits. Actively monitor information security technologies used by MBLL and respond to detected malicious or suspicious events. Contribute to and support the development of incident response plans and playbooks and participate in validation activities with table-top exercises and simulations. Project and Administrative Duties Represent the Information Security Department on business project teams and act as a risk advisor. Conduct risk analysis and advise project teams on cyber security risk and related mitigations and best practices in alignment with MBLL's risk assessments and third-party risk management practices. Participates in information security architecture and system design development, ensuring that all activities adhere to MBLL's information security principles, standards, and processes. Participate in the development of information security policies that support the security strategy and corporate business objectives. Provide information required for the budgeting process, monitor spending, and use technical knowledge to ensure that resources required for projects and systems maintenance are utilized efficiently and responsibly. Other related duties as assigned. Completion of a recognized degree or a two-year college diploma in Computer Science or IT discipline, or an equivalent combination of education or certification and experience. A minimum of three years of information technology experience in a system/platform support role with experience in an information security role preferred. Strong communication and interpersonal skills. Experience and proficiency in Microsoft 365 (Word, Excel, PowerPoint, Teams and Outlook) Have and maintain a valid Manitoba Class 5 Driver's License and access to a reliable vehicle. The core competencies for this position include achieving quality results, adaptability/managing change, communication, customer service, decision making and problem solving, integrity and building trust, teamwork and cooperation and valuing diversity. These competencies are deemed important for the success of the position and organization. Professional information security certifications such as

ISC CC, CISSP, CISM, CRISC, OSCP, GPE, SANS

GIAC, etc. would be an asset. Vendor training certifications for cyber security and other related products to support the administration and operations of firewalls, security event monitoring, EDR, Microsoft Suite, Cloud Administration, networking, or other products would be an asset. Foundational knowledge and experience across multiple cyber security technologies is an asset, including but not limited to: Firewalls/VPNs, SIEM, Cloud Technologies, IAM, EDR, M365, Vulnerability Management, Network or Web Application Penetration Testing, PAM, etc. Knowledge of PCI and gaming-industry regulatory requirements and their potential impact on the organization from an information security perspective would be an asset. Experience in scripting languages such as PowerShell or Python. Demonstrated record of continuing cyber security education and certifications. Committed to continuous education and recertification to maintain professional certifications and keep current with evolving cyber security technologies, trends, and threats. Possess an understanding of cyber security concepts, controls, frameworks and standards including NIST and ISO. •Testing may form part of the screening/selection process. Employment Equity will be a factor in the recruitment process. Circumstances may arise where the bulletin may need to be withdrawn or the number of positions may need to be increased depending on the Collective Agreement. We thank all interested applicants, however, only those selected for interviews will be contacted.