Job Description
Winnipeg, Manitoba

Director, Information Security

We’re looking for a proactive Director, Information Security to join our Information Security team within our Corporate Head Office in Winnipeg. As a proven innovator in digital solutions, we are dedicated to helping lotteries adopt new technologies that improve the player experience, expand into new channels, and manage lottery operations more effectively.

As Director, Information Security you will ensure Pollard’s information systems’ security aligns with relevant industry standards and remains compliant with information security requirements imposed by industry certification requirements, client contracts, and applicable law. In addition, you will oversee the Information Security team and serve as the Chairperson of the Information Security Governance Committee.

What We Offer

  • Competitive compensation
  • Profit sharing program – every role plays a part in our success!
  • Company pension
  • Health & Extended Benefits
  • Opportunities for professional development
  • Tuition reimbursement
  • Employee & Family Assistance Program
  • On-Site Cafeteria & Outdoor Patio
  • On Site Gym
  • A variety of committee driven employee engagement activities
  • Free Parking

What You’ll Do

  • Lead strategic development of information security roadmaps and company-wide strategy for continuous security posture improvement.
  • Work closely with peers and business leads to build and implement controls in alignment with risk-posture, architectural standards, company strategy, and industry best practices & trend.
  • Lead Pollard’s ISO 27001 program and the development of associated process and procedures required to demonstrate compliance.
  • Lead a compliance program that includes Payment Card Industry (PCI) or SOC audit requirements.
  • Provide leadership, direction, governance and support to Pollard owned subsidiary companies to ensure compliance with Information Security standards.
  • Lead the information security team, providing mentorship and direction on security-related initiatives.
  • Partner with IT Operations, Applications, DevOps, and Product Teams to build, augment, and maintain an effective control environment in response to routine vulnerability and risk assessments.
  • Support technology implementations in partnership with the Project Management Office and various IT departments
  • Define & document security policies, procedures, standards and guidelines.
  • Operationalize and automate security related technologies and features in close coordination with IT operations.
  • Foster a collaborative culture supporting innovation, integrity, transparency, and business alignment, balancing risk tradeoffs with options and best practices.
  • Address security remediation action plans and working with peers and leadership to prioritize activities.
  • Manage information Security issues and breaches and reporting on identification, impact, investigations, resolutions and remediation plans.
  • Support sales and marketing through RFP responses, security collateral creation, and educating the business development team on Pollard Banknote’s security frameworks.
  • Stay current on security trends, vendors, and tools, strategically incorporating relevant findings into the Pollard security program.
  • Lead security awareness for employees, contractors, vendors, and customers ensuring Pollard’s  strong commitment to information security.
  • Conduct information security audits, vulnerability, and risk assessments on internal processes, technology solutions, vendors, and new business units, including accountability for the Information Security Risk Register
  • Work with internal & external auditors, customers, and outside consultants when necessary on required security assessments and audits, coordinating and tracking all information technology and security related audits including scope, timelines, outcomes, and remediation activities

Who You Are

  • An individual who excels in providing strategic direction for information security initiatives.
  • Someone who exhibits a strategic mindset, anticipating and mitigating potential security challenges proactively.
  • An excellent communicator, fostering collaboration with cross-functional teams, peers, and business leads.
  • Able to build strong working relationships that facilitate smooth implementation of security controls aligned with organizational goals.
  • Someone who upholds the highest standards of ethical conduct, ensuring compliance with industry requirements and legal obligations.

What You’ll Bring

  • 10+ years of experience in information security
  • 3+ years of experience managing a security team.
  • Post-secondary education in computer science (or equivalent),
  • Demonstrated technical leadership in a cross-functional security role.
  • Proven track record in developing, implementing and integrating security tools, technologies and processes both on-prem and in cloud-based architectures.
  • Experience working with application/product development & DevOps teams on the design and implementation of best practices for security as an embedded function of the various software development processes.
  • Experience building and designing enterprise security strategies and establishing enterprise security processes and technology standards.
  • Experience project-managing security control implementations
  • Expertise with security technology controls (firewalls, orchestration platforms, anti-malware, forensics, IAM, IDS, DLP, etc.)
  • Experience with DevOps environments and AWS / Azure security controls is a strong asset.
  • Strong understanding of ITIL and Service Management processes
  • Knowledge of the Agile System Development Lifecycle approach
  • Experience with standards and compliance frameworks including ISO, NIST, SSAE SOC, SANS, OWASP, ITIL, etc.
  • Familiarity with security architecture models is a plus.
  • Certifications such as CISSP, CISM, ISSAP, CRISC, and SANS preferred.

Apply now by submitting a cover letter and resume outlining fit and salary to humanresources@pbl.ca.

Pollard Banknote Limited is an equal opportunity employer, committed to promoting and maintaining a diverse and inclusive workforce. Reasonable accommodations are available upon request.

By submitting this application, the applicant consents to Pollard Banknote Ltd. collecting, using and retaining the personal information for purposes relating to the application process and if hired, the employment relationship.

Any and all personal information collected is held in the strictest confidence and in accordance with all applicable Privacy Laws.

We thank all candidates that apply, however only those selected for an interview will be contacted. Employment is contingent upon a satisfactory response from a Criminal Record Search.