The North West Company
In your role as IT Security Manager, at The North West Company (NWC), you are responsible for overseeing the operations of the enterprise’s security solutions through collaboration with the IT Infrastructure team and Director of Infrastructure and the Director of Applications. You will be expected to interface with peers in these Systems and Network departments as well as with the leaders application teams to both share the corporate security vision with those individuals and to solicit their involvement in achieving higher levels of enterprise security through information sharing and co-operation.
Joining NWC gives you the opportunity for growth and development throughout the company, a competitive salary and benefits package, and to be part of a dynamic and diverse culture.
The North West Company is a leading retailer to underserved rural communities and urban neighbourhood markets in the following regions: Northern Canada, Western Canada, rural Alaska, the South Pacific islands, and the Caribbean. Our stores offer a broad range of products and services with an emphasis on food. Our value offer is to be the best local shopping choice for everyday household and local lifestyle needs. Check out northwest.ca for more information.
- Support, provide input and maintain the enterprise’s security architecture design.
- Create, and maintain the enterprise’s security documents (policies, standards, baselines, guidelines and procedures) and awareness training program.
- Create and maintain the enterprise’s Business Continuity Plan and Disaster Recovery Plan, where appropriate.
- Responsible for IT audits internally, externally, and PCI.
- Responsible to work with external companies for cyber security assessments and testing.
- Maintain up-to-date knowledge of the IT security industry including awareness of new or revised security solutions, improved security processes and the development of new attacks and threat vectors.
- Select and acquire additional security solutions or enhancements to existing security solutions to improve overall enterprise security as per the enterprise’s existing procurement processes.
- Oversee the deployment, integration and initial configuration of all new security solutions and of any enhancements to existing security solutions in accordance with standard best operating procedures generically and the enterprise’s security documents specifically.
- Ensure the confidentiality, integrity and availability of the data residing on or transmitted to/from/through enterprise workstations, servers and other systems and in databases and other data repositories.
- Ensure the enforcement of enterprise security documents.
- Supervise all investigations into problematic activity and provide on-going communication with senior management.
- Supervise the design and execution of vulnerability assessments, penetration tests and security audits.
- Perform regular security awareness training for all employees to ensure consistently high levels of compliance with enterprise security documents.
- Engage in ongoing communications with peers in the Systems and Networking groups as well as the various business groups to ensure enterprise wide understanding of security goals, to solicit feedback and to foster co-operation.
Desired Skills & Experience:
- College diploma or university degree in the field of computer science and/or 5 years equivalent work experience.
- One or more of the following certifications:
- GIAC Security Essentials Certification / GIAC Security Leadership Certification
- ISACA Certified Information Security Manager
- Microsoft Certified Systems Engineer: Security
- (ISC)2 SCCP
- (ISC)2 CISSP
- (ISC)2 ISSAP
- Extensive experience in enterprise security architecture design and security document creation.
- Experience in designing and delivering employee security awareness training.
- Experience in developing Business Continuity Plans and Disaster Recovery Plans.
- Working technical knowledge of Logrythym, IPS systems, Crowdstrike, and PCI standards.
- Strong understanding of IP, TCP/IP, and other network administration protocols.
- Ability to effectively prioritize and execute tasks in a high-pressure environment.
- Ability to conduct research into IT security issues and products as required.
- On-site and remote work week with on-call availability for 4 days per month.
- Available to travel when required.
Location: Gibraltar House, 77 Main Street, Winnipeg, MB
Reports To: Director, Infrastructure & Security
We create a collaborative and constructive culture by:
- Being Enterprising • Committing to our Customer • Working with Passion • Leading and Developing Others • Demonstrating Respect and Inclusivity • Building Trust
The North West Company is committed to inclusion and diversity and encourages applications from all candidates including but not limited to: all religions and ethnicities, LGBTQ2s+, BIPOC, and persons with disabilities.
You may include your resume and cover letter together as a single document. Opportunities to learn, develop and advance throughout the organization are present. We thank all applicants for their interest; however only those selected for an interview will be contacted.
For Internal Applicants only:
Interested internal applicants are invited to apply directly on the website no later than 4:00 P.M, Wednesday, November 30th, 2022. Internal applicants must select “Yes” as the answer to “Are you currently employed by The North West Company or any of its subsidiaries?” during the application process.
Positions will be advertised externally; however internal candidates will receive first consideration based on qualifications. NWC employees are encouraged to bring forward applications of external candidates that meet the qualifications of this position.
NOTE: Prior to applying, an internal employee MUST obtain a written endorsement email from their current Manager or Manager – once – removed and provide this to the recruitment team before they can be considered for opportunities. This position adheres to the Corporate Job Posting Guidelines.
To help us track our recruitment effort, please indicate in your cover/motivation letter where (jobsincanada.one) you saw this job posting.