Architect, Cloud Security
Location: Remote (BC only), BC, CA
Job Function: Information Technology Overview:
BCLC's two offices are located on the traditional, ancestral and unceded lands of the xʷməθkʷəy̓əm (Musqueam Indian Band), Sḵwx̱wú7mesh (Squamish), and səlilwətaɬ (Tsleil-Waututh) Peoples in Vancouver and the Tk'emlúps te Secwépemc territory, situated within the Secwépemc Nation in Kamloops. We honour and respect the people, the territory, and the land we are part of.
Joining the Business Technology team at BCLC means you'll be working with cutting-edge technology to help build a world-class entertainment company. This is an engaged, innovative, capable group of talented individuals working in digital enablement, product delivery services, technology platform enablement, enterprise services, integrity and operations. This enables us to execute the purchase and validation of lottery tickets at over 3500 lottery retailers, manage a complex network of 12,000 slot machines and electronic table games across the province and provide the backbone for BCLC's eGaming platform, and much more.
We have offices in Kamloops and Vancouver and can also support 100% remote (from within British Columbia) for this position. Job Summary:
The Cloud Security Architect supports BCLC's Cybersecurity program and helps to protect BCLC's information assets by designing and driving highly secure and compliant cloud computing architectures and implementations for BCLC's cloud platforms. This role works closely with Enterprise Architecture, key infrastructure technology teams and business units to establish and provide guidance on secure development and migrations to the cloud. The role requires the establishment of strong relationships with these key teams, and the ability to vocalize the Cyber Security Strategy, identify appropriate industry best practices, and meet regulatory requirements. Key Accountabilities:
Minimum Required Qualifications:
- Develops and maintains a cloud security architecture process that enables the enterprise to develop and implement security solutions and capabilities that are clearly aligned with the target enterprise architecture and cyber security strategy.
- Interacts with teams across the enterprise such as DevOps, platform enablement, network, and information security. Guides teams to drive results and maturity.
- Implements secure design principles and requirements to enhance Cyber Security's ability to prevent, detect and respond to security threats in new and existing cloud solutions.
- Identifies, advises on, and tracks metrics against strategic cloud security initiatives to improve maturity ratings over time
- Serves as a cloud security subject matter expert during discussions and meetings with key stakeholders within the business unit and infrastructure teams.
- Validates cloud infrastructure and other reference architectures for security best practices and recommends changes to enhance security and reduce risks, where applicable.
- Validates security configurations and access to security infrastructure tools, including firewalls, IPSs, SIEM, vulnerability management and anti-malware/endpoint protection systems.
- Ensures a complete, accurate and valid inventory of all systems, infrastructure and applications that should be logged by the security information and event management (SIEM) or log management tool
- Maintains good understanding of BCLC's key business systems and processes to support accountabilities listed above, and for consideration and input into Cybersecurity program.
- Contributes to the development and maintenance of information security policies, standards, procedures, and where needed supports the development of applicable technology standards.
- Liaises with the internal audit (IA) team to review and evaluate the design and operational effectiveness of security-related controls Responds to complex requests and handles escalations for major issues.
Education and Experience
- Undergraduate or masters' degree preferably in one of the following areas: Information Security, Information Systems, Computer Science, Engineering, and/or other related majors
- In possession of or working toward industry recognized cloud security certifications such as CCSK, CCSP, Azure Security Engineer, Azure Solution Architect Expert, AWS Solution Architect Associate/Professional;
- Information security certifications, such as CISSP, CISM or GSEC are an asset;
- 5-7 years of progressive experience in information security;
- At least 3 years of experience in securing cloud solutions (IaaS/PaaS/SaaS) including considerable experience in:
- Designing architectures to meet security and compliance requirements
- Designing and implementing security postures for Cloud native applications
- Designing and implementing security controls
- An equivalent combination of education and / or experience may be considered.
- Proficient in all aspects of cloud security, including identity and access management, defining organizational structure and policies, data protection, configuring network security defenses, collecting and analyzing logs, managing incident responses and demonstrating an understanding of the application of dynamic regulatory considerations;
- Solid understanding of cloud security architecture, security assessments, audit standards for the Cloud and security threats in the cloud;
- Hands on experience with Cloud security architectures;
- Fluent with at least one infrastructure-as-code or configuration management language/environment;
- Expert knowledge and implementation experience of information security principles, policy enforcement, operating systems, web application security, and a high-level of familiarity with malicious code uses, OWASP Top 10, and common techniques used by hackers;
- Strong technical skills in information security (Application and OS hardening, vulnerability assessments, security audits, networking, IDS, firewalls, etc.);
- Strong oral and written communication skills, including the ability to write reports and document procedures;
- Good ability to deal with highly sensitive matters with a high degree of tact and diplomacy;
- Strong organizational skills with the ability to prioritize items;
For over three decades, BCLC has delivered exceptional gambling entertainment for British Columbians with the primary purpose of giving back to the province.
- Operate provincial, national and "Instant Win" in partnership with over 3500 lottery retailers across the province.
- Oversee 34 casino and community gaming centres across the province.
- Provide safe, secure and legal online gambling options including sports betting, casino style games and lottery.
In the fiscal year prior to the pandemic, we gave over $1.4 billion back to the province to support healthcare, education, community groups, and much more.
To help us achieve this goal, we aim to have the healthiest players in the world by establishing a higher standard of support with evidence-based player health programs.
To build a rich diverse workforce representing the communities which we serve, we welcome applications from people of all colours and cultures, persons with diverse abilities, and members of the LGBTQ2S+ community.
BCLC values work life balance and offers remote work options.
Relocation assistance is available for successful job candidates from outside BC.
If you are in need of accommodation or special assistance at any step of your application, please send an email with your request to firstname.lastname@example.org
For over more than a decade, we have been recognized as one of BC's Top Employers - and we are constantly seeking ways to improve our employee and player experience. To learn more about BCLC, please visit: https://corporate.bclc.com/
Ready to join our team? Please Note:
This opportunity will remain open until a qualified candidate pool has been established.
Candidates must be legally entitled to work in Canada and be 19 years of age to work at BCLC.
BCLC requires all employees to be fully vaccinated from Covid-19 (as defined by Health Canada). Full vaccination will be required before commencing employment with BCLC unless a legal exemption is obtained.