Cyber Security Engineer

The Cyber Security Engineer is responsible for the planning, development, design, execution, and support of the operation and integration of cyber security tools and processes to protect Manitoba Liquor & Lotteries (MBLL) from cyber threats. The incumbent plays a lead role in the cyber security design of business and information technology related initiatives, cyber security risk management, and incident response. The position is also responsible for leading the design of innovative security solutions for the organization and evaluating and reporting compliance with various regulatory or contractual requirements.

Cyber security engineering is responsible for project and operational related duties that is inclusive of, but is not limited to, MBLL information technology infrastructure, cloud services, First Nation Casinos and other associated technologies, processes and personnel that are managed or operated by MBLL.

• Evaluate requirements and design the integration for cyber security identified solutions spanning multiple domains.
• Apply enterprise architecture and system security engineering principles to ensure effective solution design and delivery of real solutions premeditated to enhance MBLL’s security posture.
• Recommend system and implementation designs that support business owner risk acceptance and do not degrade the security posture of other organizational systems.
• Implement, configure, and tune security technologies for the enterprise security program in support of business and IT programs/projects for both on premise and cloud solutions such as:
  Firewalls, WAF, IDS/IPS, secure web gateways/web proxy, IAM solutions, endpoint detection and response solutions (EDR), DLP/FIM, NAC, SIEM and others.
• Lead in the design of security controls of information systems and facilitate implementation with internal resource or vendors.
• Evaluate technology for compliance with organizational standards and existing architecture.
• Create, update, and maintain procedures, standards, and guidelines for secure design, implementation, and operation of information systems and services.
• Plan, implement, manage, monitor, and upgrade security controls for the protection of the organization's data, systems, and networks.
• Implement security standards for all aspects of the infrastructure while having a security by design and by default mind set.
• Participate as a senior technical resource on project teams.
• Maintain the Payment Card Industry Data Security Standards (PCI-DSS) compliance program through assessments and reviews of existing solutions, self-assessments, vulnerability management, and scope management.
• Ensure MBLL and First Nation Casino Gaming systems are compliant with the standards set forth by the Liquor, Gaming and Cannabis Authority (LGCA).
• Evaluate technology for compliance with legal, regulatory, or contractual requirements, organizational standards, and existing architecture.
• Work with team members and business stakeholders to ensure all stages of the Cyber Security Incident Management Response are covered;
  Prepare, Detect, Contain, Investigate, Eradicate, Recover, Follow-Up.
• Perform event and incident triage, threat hunting, and incident response (to include basic malware analysis and forensic investigations).
• Provide support and technical expertise during incident response and assist with post incident action plan creation.
• Investigate breaches and implement solid plans of incident response, learning from past shortcomings to create ever more robust security protocols and procedures.
• Create runbooks for frequently occurring incidents to automate or assist with the handling and resolution of similar future incidents.
• Develop, maintain, and evolve IT and Cyber Security risk assessment and management practices for use in security evaluations, cloud risk assessments and third-party risk management for existing operations and new initiatives.
• Perform IT and Cyber Security risk assessments on technology systems and business solutions and create reports for senior management.
• Operate, maintain and evolve tools and processes that support the cyber security program that includes, but not limited to…