ISL 24R - Security Analyst

The BC Liquor Distribution Branch (LDB) is one of two branches of government that provide oversight for the beverage alcohol and non-medical cannabis industries in the province. The LDB is responsible for the wholesale distribution of liquor and cannabis and operates the retail brands BCLIQUOR and BC Cannabis Stores.

The LDB is committed to governments goals of making life better for people in B.C., improving services and ensuring a sustainable province for future generations. The revenue generated by the LDB helps fund essential public services like health care, education and community programming. Learn more on the LDB careers page.

LDB Information Technology (IT) team consists of 7 competency areas: Customer Experience, Infrastructure & Operations (I&O), Information Security, Enterprise Architecture, Software Services, Data Services and IT Program Governance. Currently 4 divisions managed by IT Directors collectively are responsible for all of the 7 competency areas to deliver the IT mandate of supporting LDBs corporate and business operations and enabling future needs and initiatives.

At present the IT team consists of more than 260 full-time employees and includes a sourcing strategy to leverage external expertise to ensure the integrated IT team continues to deliver LDBs strategic initiatives timely and in high quality.

IT department of the LDB is responsible for the entire computing infrastructure for all of the 230 BC Liquor Stores, BC Cannabis Stores as well as LDBs head office in Burnaby and 4 Warehouse / Distribution Centres including Delta, Kamloops, Richmond and Victoria. IT department also manages three data centres located in Burnaby, Delta and Kamloops.

The Security Analyst is responsible for conducting cybersecurity threat risk assessments and recommending changes to the security architecture for projects; defining / documenting the requirements and design for the security controls; detecting / reporting incidents and performing security tests on LDBs existing and new information technology (IT) infrastructure (HW and SW).

The scope of the position encompasses timely detection and reporting (i.e. logging and monitoring of systems and information) and secure configuration (i.e. Identity and Access IAM, Asset or Vulnerability Management of the IT infrastructure components) and other activities within NIST domains to reduce / mitigate both internal and external threats and risk of sensitive LDB information and / or systems being compromised.

Working with the stakeholders the position identifies security requirements / remediation, monitors the deployment of the change, performs post implementation reviews and researches alternatives / mitigation strategies. The emphasis in duties will vary based on new / revised technical infrastructures, applications and data collection points.

A criminal record check is required.

Working conditions include the need to work outside of core hours as and when required. Some weekend work may be required to implement changes.

For complete details about this opportunity including accountabilities please refer to the attached job description also located in the Additional Information section at the bottom of the posting.

An eligibility list for permanent or temporary future opportunities may be established.

Education and Experience:

• Degree in computer science, information technology or related field with a minimum of 2 years of recent related experience
• Diploma or certificate in computer science, information technology or related field with a minimum of 3 years of recent related experience
• A combination of education, training and experience (e.g., secondary school diploma or equivalent certification) with 6 years of recent related experience
• Recent related experience must have occurred in the last 7 years and must include the following: experience with contributing to the development, implementation / installation, maintenance and operation of enterprise systems (hardware / software and / or network components), experience with security appliances (e.g., firewalls, routers), experience with threat and risk assessment processes and current risks and threats on network systems (CVEs, patching), experience with network segmentation, subnetting and routing, experience with change management, experience with PCI Security Standards Council (PCI SSC), and experience in identifying and evaluating risks from a business and technological standpoint

Preferences:

• Experience with a security focus in a Microsoft environment
• Experience with Microsoft Security tools such as Microsoft Defender ATP
• Experience with Microsoft Sentinel
• Experience with Microsoft EntraID and EntraID Cloud Sync
• Experience with Identity Access Management (IAM)
• Certification in technical disciplines such as CISSP or CISM (or equivalent)
• Experience with reporting of vulnerabilities across the organization
• Experience with Microsoft Security 365 tools
• Experience with project management methodologies
• Experience in identification and / or implementation of mitigation strategies
• Experience working with security principles and / or controls measures across the organization
• Experience with application design and development life cycle

Application instructions:

To be considered for this position your application must clearly demonstrate how you meet the education and experience as outlined in the position requirements section above. Applicants selected to move forward in the hiring process may be assessed on the knowledge skills abilities and competencies as outlined in the attached Job Description. Applicants must meet the requirements as described below to be considered :

• A cover letter is required as part of your application. The content and / or format of your cover letter may be evaluated as part of the assessment process.
• Ensure your resume includes your educational accomplishments, employment history including start and end dates (month and year) of your employment and any relevant information that relates to the job to which you are applying.

For specific position-related enquiries please contact Jennifer Robinson, HR Advisor Talent & Compensation at .

Only applications submitted using the BC Public Service Recruitment System on this website will be accepted. For more information about how to create or update your profile please refer to the attached Application Instructions or refer to the Job Application page on the MyHR website. If you are experiencing technical difficulty applying for a competition please send an e-mail to before the stated closing time and they will respond as soon as possible to assist you.

Note: Applications will be accepted until 11:00pm Pacific Time on the closing date of the competition.

Working for the BC Public Service:

The BC Public Service is committed to creating a diverse workplace to represent the population we serve and to better meet the needs of our citizens. Consider joining our team and being part of an innovative, inclusive and rewarding workplace.

This position is eligible for flexible work arrangements such as a hybrid work arrangement following the guidelines established for flexible workplaces.

The Indigenous Applicant Advisory Service is available to applicants that self-identify as Indigenous seeking work or already employed in the BC Public Service. For guidance on applying and interviewing please contact or .

The BC Public Service is an award-winning employer and offers employees competitive benefits, great learning opportunities and a chance to engage in rewarding work with exciting career development options. For more information visit What the BC Public Service Offers.

Salary: 76,071 — 86,658 per year (Yearly Salary)