Manager IT Security Services na Saskatchewan Workers' Compensation Board

Manager, IT Security Services

Permanent Appointment

Anticipated Start Date: October 31, 2025

Regina, Saskatchewan

Job Summary:

The Manager, IT Security Services is responsible for overseeing the operations and management of WCB’s security practice and resources, as well as continuously improving the organizations security posture through policy, architecture, training, enforcement, and monitoring. Further duties include the management and selection of appropriate security solutions, oversight of audits and assessments. The Manager, IT Security Services will interface with peers and staff in the IT & BI division, and leaders of the business units to share the corporate security vision and solicit their involvement in achieving higher levels of enterprise security through information sharing and co-operation. This position requires a customer service orientation and strong communication skills.

Specific Accountabilities:

1. Research, advocate, select, and implement enterprise security solutions that will support security requirements for the enterprise and its customers, business partners, and vendors. 

2. Leads the IT security processes, policies, standards, baselines, guidelines, and procedures designed to meet business needs, comply with legislative and regulatory requirements, and conform to best practices.

3. Provides leadership and direction to staff; recruits, develops, and manages the performance of staff in accordance with WCB's policies, procedures, and best interests.

4. Serves as a security expert in cloud solutions, applications, databases, networks, and operating systems, ensuring compliance with enterprise and IT security policies, industry regulations, and best practices. 

5. Analyzes business impact and exposure based on emerging security threats, vulnerabilities, and risks. Communicates security risks and solutions to business partners and IT staff as needed. 

6. Works with functional area architects and analysts to ensure adequate security solutions are in place throughout all IT systems and platforms to mitigate identified risks sufficiently, and to meet business objectives and regulatory requirements. 

7. Works on multiple projects as a project leader or as the subject matter expert. Works on projects/issues of high complexity that require in-depth knowledge across multiple technical areas and business segments.

8. Perform regular security awareness training for all employees to ensure consistently high levels of compliance with enterprise security documents.

9. Provide domain expertise within the development of WCB’s enterprise’s Business Continuity Plan and Disaster Recovery Plan, where appropriate.

Acquisition & Deployment

10. Maintain up-to-date knowledge of the IT security industry including awareness of new or revised security solutions, improved security processes and the development of new attacks and threat vectors.

11. Select and acquire security solutions or enhancements to existing security solutions to improve overall enterprise security as per the enterprise’s existing procurement processes.

12. Oversee the deployment, integration, configuration, and enhancement of security solutions in accordance with standard best operating procedures generically and the enterprise’s security documents specifically.

Operational Management

13. Ensure the confidentiality, integrity and availability of the data residing on or transmitted to/from/through enterprise workstations, servers, and other systems and in databases and other data repositories.

14. Supervise all investigations into problematic activity and provide on-going communication with senior management.

15. Supervise the design and execution of vulnerability assessments, penetration tests and security audits.

16. Supervise the operations of the Security team.

17. Provide input to the IT budgets and IT plans. 

Qualifications: 

In addition to the following Behavioral & Technical Qualifications (Competencies) the following Education, Experience, Designations/Licenses are job requirements:

A University Degree or Masters in Computer Science, Information Systems or related technical discipline from an accredited University including:

1. One or more of the following certifications:

• GIAC Security Essentials Certification or GIAC Security Leadership Certification
• ISACA Certified Information Security Manager
• Microsoft Certified Systems Engineer: Security
• (ISC)² SCCP, (ISC)² CISSP or (ISC)² ISSAP
• Certified Business Continuity Professional (CBCP) certification or Associate Business Continuity Professional (ABCP) certification
• Certified Information Security Manager (CISM) certification

Minimum of 10 years’ experience with combined IT and security work experience with a broad exposure to infrastructure systems, desktop operations, cloud systems, multi-platform environments, database management, information security practices, related technologies, and their related support processes  and high exposure end-user situations. 

A minimum of two (2) years in a specific security role (Security Architect, Security Manager) for a similar sized organization. 

Knowledge & Experience:

• Identity Management technology and concepts (Oracle,  AD, LDAP, EntraID).
• Network Firewall security, Intrusion Prevention, Web Security Appliance.
• Anti-Malware and AntiSpam technologies and processes.
• Advanced security systems: SIEM, EDR, IAM, PAM, MFA.
• Security Incident Management/Response processes and tasks.
• Threat Risk Analysis concepts.
• Vulnerability assessments (web, network, application, host).
• Web Application testing technologies and processes.
• Knowledge of appropriate legislation (i.e., HIPA, PIPEDA, FOIP).
• Extensive experience in enterprise security architecture strategy and documentation.
• Designing and delivering employee security awareness training.
• Developing Business Continuity Plans and Disaster Recovery Plans.
• Developing Security Standards & Policies based on the ISO 27001, or similar framework.
• Working technical knowledge of DLP and SIEM software.
• Strong understanding of IP, TCP/IP, and other network administration protocols.
• PIA’s, security, and maturity assessments.
• Managing the change management processes.

Applications:

It is the responsibility of the applicant to ensure that the application is received through the online application system prior to close. Each application must include a cover letter explaining how each qualification is met and an updated resume.

The Saskatchewan Workers' Compensation Board is committed to achieving a representative workforce. Members of designated groups (women, aboriginal people, people with disabilities and visible minorities) are encouraged to apply.

Application Deadline: October 10, 2025