Pollard Banknote is a leading lottery partner to more than 60 lotteries worldwide, providing high quality instant ticket products, licensed games, and a full suite of digital offerings ranging from game apps to comprehensive player engagement and iLottery solutions, including strategic marketing and management services. The company is a proven innovator and has decades of experience helping lotteries to maximize player engagement, sales, and proceeds for good causes. Pollard Banknote also plays a major role in providing pull-tab tickets, bingo paper and its Diamond Game and Oasis-branded electronic ticket machines to charitable and other gaming markets in North America. Established in 1907, Pollard Banknote is owned approximately 67.6% by the Pollard family and 32.4% by public shareholders, and is publicly traded on the TSX (PBL). For more information, please visit our website at www.pollardbanknote.com.
Director – Information Security
We’re looking for a dynamic, results-oriented IT Security professional to join our organization in the role of Director, Information Security. As the Director, Information Security you will be responsible for ensuring the company maintains the security of their information systems consistent with relevant industry standards and remains in compliance with all information security requirements imposed by certification requirements, client contracts, and applicable law.
In addition, this position will oversee the Information Security team and will also serve as the Chairperson for the Information Security Governance Committee.
What you’ll be doing
- Providing strategic leadership of Pollard’s Information Security program by developing information security roadmaps and overall company-wide information security strategy to continuously improve the organization’s security posture
- Working closely with peers and business leads to build and implement controls in alignment with risk-posture, architectural constraints, company strategy, and industry best practices & trends
- Partnering with IT Operations, Applications, DevOps and Product Teams to build, augment, and maintain an effective control environment in response to routine vulnerability and risk assessments
- Supporting technology implementations in partnership with the Project Management Office and various IT departments
- Defining & documenting security policies, procedures, standards and guidelines
- Training others to help operationalize and automate security related technologies and features in close coordination with IT operations
- Maintaining a collaborative environment that supports a culture of innovation, integrity, transparency, and alignment to business objectives, balancing risk tradeoffs with options and best practices
- Addressing all security remediation action plans and working with peers and leadership to prioritize activities
- Managing information Security issues and breaches and reporting on identification, impact, investigations, resolutions and remediation plans
- Supporting sales and marketing activities by contributing to RFP responses, producing security marketing collateral and educating the business development team on the security frameworks and processes in place at Pollard Banknote
- Staying up to date with the latest security trends, vendors, tools and approaches to strategically incorporate relevant findings into the Pollard security program to remain current and effective
- Managing security awareness activities for employees, contractors, vendors, and customers to ensure that the Pollard culture maintains a strong commitment to information security
- Conducting information security audits, vulnerability and risk assessments on internal processes, technology solutions, vendors, and new business units, which includes accountability for the Information Security Risk Register
- Working with internal & external auditors, customers, and outside consultants when necessary on required security assessments and audits, coordinating and tracking all information technology and security related audits including scope, timelines, outcomes, and remediation activities
What you bring
- Post-secondary education in computer science (or equivalent) combined with 10 years’ work experience in information security
- Demonstrated technical leadership in a cross-functional security role with a minimum of 3-5 years’ experience managing a team
- Proven track record developing, implementing and integrating security tools, technologies and processes both on-prem and in cloud-based architectures
- Experience working with application/product development & DevOps teams on design and implementation of best practices for security as an embedded function of the various software development processes
- Experience building and designing enterprise security strategies, and establishing enterprise security processes and technology standards
- Experience project-managing security control implementations
- Expertise with operating security technology controls (firewalls, orchestration platforms, anti-malware, forensics, IAM, IDS, DLP, etc.)
- Experience with DevOps environments and AWS / Azure security controls is a strong asset
- Strong understanding of ITIL and Service Management processes
- Knowledge of various Security Development Lifecycle approaches
- Familiarity and experience with standards and compliance frameworks including ISO, SANS, OWASP, NIST, SSAE SOC, ITIL, etc.
- Familiarity with security architecture models is a plus
- Certifications such as CISSP, ISSAP, CRISC, and SANS preferred
Pollard Banknote offers a challenging, team-oriented environment, competitive compensation, profit sharing program, company pension and opportunities for professional development. Interested candidates are encouraged to submit a cover letter outlining fit and salary expectations along with a résumé to:
Pollard Banknote Limited
140 Otter Street Winnipeg, MB R3T 0M8
Pollard Banknote Limited is an equal opportunity employer, committed to maintaining a diverse workforce.
We thank all candidates that apply, however only those selected for an interview will be contacted.
Employment is contingent upon a satisfactory response from a Criminal Record Search.