Job Description

Description :

Saskatchewan Blue Cross, one of Saskatchewans Top Employers, is currently recruiting for a full-time permanent Manager, Cybersecurity to join our team in the Cybersecurity department. This position offers the flexibility to be in-office or participate in hybrid options in our Saskatoon or Regina office.

JOB FUNCTION

If you are passionate about cybersecurity, then were looking for you! Reporting to the Director, Information Systems & Technology, the Manager, Cybersecurity is accountable to develop, operationalize and enhance SBCs security solutions through leadership of the Cybersecurity team and in alignment with SBCs business plan, strategy, and values. This position will establish and maintain enterprise security stance through policy, architecture and training processes. The Manager, Cybersecurity is also responsible for the selection of appropriate security solutions and oversight of any vulnerability audits and assessments, and to lead collaboration with internal and external stakeholders, uphold SBCs mission, vision, and values, and ensure protection of its brand, corporate image, and reputation.

WHY CHOOSE SASKATCHEWAN BLUE CROSS?

Were driven by a mission to empower communities on their journey to whole health and wellness, and have a lot of exciting things ahead of us. Were improving our members experiences through investment in our people, technology, services and products. When you join our team, youre joining an organization where employees are valued, recognized for their contributions and empowered to make us stronger. The wellbeing of our employees, our members, our partners and our communities is at the heart of our operations.

Our industry is evolving fast, and so are we! Were looking for people who:

• Share our values
• Believe that creating great experiences is totally within their control
• Collaborate and always set others up for success
• Build positive relationships and an understanding of what peoples needs are
• See solutions and possibilities (not problems!)
• Are simply outstanding at what they do

• Maintain and enhance SBCs security architecture, security awareness training program, security documents (policies, standards, baselines, guidelines and procedures), malware defences, data protection program, and disaster recovery plan
• Maintain and mature core security functions including change management, hardware and software asset management, governance, risk management, and compliance programs
• Maintain up-to-date knowledge of the cybersecurity industry including awareness of new or revised security solutions, improved security processes, and the development of new attacks and threat vectors
• Select and acquire additional security solutions or enhancements to existing security solutions to improve overall enterprise security as per the organizations existing procurement processes
• Oversee the deployment, integration, and initial configuration of all new security solutions and of any enhancements to existing security solutions in accordance with standard security frameworks and the enterprises security policies
• Ensure the confidentiality, integrity, and availability of the data residing on or transmitted to/from/through enterprise workstations, servers, and other systems and in databases and other data repositories
• Support organizational adherence to internal security policies and compliance to external regulatory bodies
• Ensure the enforcement of enterprise security policies and procedures
• Supervise all investigations into problematic activity and provide on-going communication with senior leadership
• Supervise the design and execution of vulnerability assessments, penetration tests, and security audits
• Oversee regular security awareness training and testing for all employees to ensure consistently high levels of adherence with enterprise security policies
• Engage in ongoing communications with peers in the IT Systems and Networking department, Application Development department as well as the Operational Leadership Team and other business groups as needed to ensure enterprise-wide understanding of security goals, to solicit feedback, and to foster co-operation and maintain a strong security culture
• Oversee the overall operations of the Cybersecurity team including threat hunting, threat intelligence research, dark web monitoring, vulnerability management, and security assessments of vendors, tools, and projects

• Bachelors Degree in Computer Science or a related field
• 8+ years of related experience with 1-3 years of supervisory accountability
• Completion of one or more of the following certifications or equivalent: GIAC Security Essentials, GIAC Security Leadership, ISACA Certified Information Security Manager, Microsoft Certified Systems Engineer: Security, (ISC)2 SCCP, (ISC)2 CISSP, or (ISC)2 ISSAP
• Working knowledge of:

• the application of security controls to core IT infrastructure and cloud resources;
• agile concepts and frameworks;
• the development of policies regarding Acceptable Use, Vulnerability Management, Incident Response, Patch Management, Security Awareness and Training, Password Management, Remote Access, etc.
• Strong comprehension of:

• incident response management as well as intrusion and endpoint detection and response;
• security standards and frameworks including NIST CSF, ISO 27001 and CIS Controls;
• configuring and hardening IoT devices, networking devices and servers in a Windows environment;
• securing email/attachments and Microsoft 365 using Advanced Threat Protection and Secure Score;
• IP, TCP/IP, and other network administration protocols
• Experience in:

• enterprise security architecture design, the development and enhancement of security policies, and developing business continuity and disaster recovery plans;
• effectively leading and managing projects and teams;
• designing and delivering employee security awareness training;
• securing company systems and data through configuration of firewalls, email filtering services, endpoint protection tools, servers
• Ability to collaborate, build relationships, engage, and influence key stakeholders
• Broad understanding of business operations, strategies, and processes to guide the design, development, and implementation of technology solutions that support business objectives
• High level of problem solving, critical thinking, and analytical skills with ability to identify alternative solutions and recommend best options in support of organizational goals
• A demonstrated focus in ongoing professional education and development is required
• The successful candidate may be required to undergo a background check
• Must be legally entitled to work in Canada on an unrestricted basis

Blue Cross