Cybersecurity Architect

Salary Range: $125,600.00 – $188,400.00

Posting Closes: November 8, 2024

GAME ON – OLG needs you 

We’ve said GAME ON, and we mean it – OLG is rapidly transforming its organization to better serve Ontarians by delivering great gaming experiences through our digital, retail lottery, and land-based gaming channels. Over the course of fiscal 2022-23, OLG delivered a record $2.5 billion in net profit to the Province of Ontario. OLG is now expanding our horizons even further, with a new strategic direction, to become a world class gaming entertainment leader with a globally admired digital platform. 

We are ready to take this game to the next level and need a passionate Cybersecurity Architect​ to ​​proactively and holistically identifies and leads the development of Enterprise Cybersecurity transformation and optimization initiatives and are accountable for the creation of the Enterprise Cybersecurity Architecture and Roadmap.  Development of the Enterprise Security Architecture and Roadmap includes architectural views, business capability maps, reference models and technology blueprints and Cybersecurity patterns. The Cybersecurity Architect guides enterprise leaders, product managers, product owners and product delivery teams across the organization to achieve business outcomes related to growing revenue, optimizing costs, mitigating risks, and improving sustainability. The Cybersecurity Architect also incorporates the Business Architecture and Application Architecture Domains ensuring alignment between business strategies and the Enterprise cybersecurity posture​.​  

YOUR ROLE IN THE GAME 

Reporting to the ​VP, Cyber and Information Security​, you will be empowered to:  

  • Leads the Development of the Cybersecurity Architecture, Roadmap, strategy and design including policies, procedures and standards translating business strategies and as a thought leader proactively identifies innovation opportunities, building, executing and iterating a target-state integrated OLG system architecture clearly aligned to the overall Enterprise Architecture & Roadmap, business, technology and threat drivers exceeding customer’s security and privacy expectations; 
  • Leads the analysis of the enterprise Cybersecurity, , and future state security capabilities developing strategic blueprints for security technology proactively identifying and assisting the organization to respond to disruptive forces, identifying key value drivers, critical deficiencies, gaps and opportunities recommending for inclusion in Enterprise Architecture future-state artifacts. 
  • Develops and implements Cybersecurity Architecture governance, product and capabilities including standard definition, tool rationalization, methodologies, actionable security design patterns and policies for OLG and provides service and operational support for third-party service providers\in a consistent manner   driving OLG’s enterprise security standards, policies and processes  while effectively ensuring regulatory compliance 
  • Leads and facilitates interactions across EIT, OLG, Service Providers and key strategic enablers in a business-driven conversation over the risks and implications of the Cybersecurity Architecture & Roadmap to enhance security posture and awareness, providing consultative advice, adapted to stakeholder context, to business leaders and organizational stakeholders who seek actionable recommendations to make technology investment decisions  
  • Supports portfolio modernization and develops roadmaps to maintain the alignment, integration and coordination of architecture activities across different programs, projects and products as they evolve over time 
  • Collaborates with all delivery teams (Digital Labs, Product Squads, EIM, Chapter Leads, etc..) to ensure consistency with the enterprise architecture, as well as to leverage shared technologies, tools and processes that impact speed to value and time to market 
  • Develops and maintains security design and documentation including definition of design patterns at the system and subsystem level including mechanisms to address security concerns related to management, access control and data protection which can be leveraged by delivery teams including product squads and Infrastructure and Cloud Services while effectively ensuring regulatory compliance and alignment with Enterprise Architecture. 
  • Oversee the research, planning and design of security architecture for IT systems across the enterprise and develop and manage the Cyber and Information Security technology roadmaps, plans and related budgets. 
  • Validates IT infrastructure and other reference architectures for security best practices and recommends changes to enhance security and reduce risks, where applicable. 
  • Stays up to date on current security news, trends, and alerts, and plans accordingly to protect the organization against emerging threats, providing guidance and content expertise on industry best-practices, current trends, and topics relevant to information security strategy and practices. 
  • Lead and provides advice to security awareness and training initiatives to educate OLG employees on security standards and promote a proactive culture of security within the organization. 
  • Inspires, motivates, and empowers people to achieve organizational goals. Coaches, mentors, and manages employee experience and employee performance through thoughtful preparation. Creates space for others to lead. Demonstrates strength in OLG’s leadership competencies and leads the way in exemplifying OLG Truths.  
  • Effectively facilities information sharing and ideation and creates an inclusive environment in which diversity of thought is celebrated and teams feel empowered to participate and contribute freely in support of OLG’s culture, strategy, and ways of working. 

WHAT YOU NEED TO PLAY 

Education & Knowledge:  

  • Post-secondary degree, preferably in an information technology, cybersecurity or related field Has a proven understanding of enterprise architecture and can apply this in the development of new architecture systems 
  • Advanced Certification in Security (CISSP), Risk Management (CRISC) and/or Certified Information Security Manager (CISM) and/or other security certifications 
  • Knowledge and experience with industry standards including PCI DSS, ISO 27001, SOC2, and NIST framework. 
  • Knowledge of tools, techniques, processes around information security architecture, technologies, security management, security administration, data privacy, computer forensics, digital forensics tools, penetration testing, business continuity planning, vulnerabilities assessment, firewall management, network and internet security and computer network defense 
  • Knowledge/experience in collaborating with product owners and delivery teams to define, design, and deliver roadmaps and architecture patterns inclusive of experience with architecture runways 
  • Knowledge of architecture development methodology (ADM) and TOGAF is preferred (Zachman, and others will be considered) 
  • Knowledge of information technology environments, including information cybersecurity, encryption methods and privacy-based solutions 
  • Direct, hands-on experience or strong working knowledge of managing security infrastructure — e.g., firewalls, intrusion prevention systems (IPSs), web application firewalls (WAFs), endpoint protection, SIEM and log management technology. 
  • Verifiable experience reviewing application code for security vulnerabilities and vulnerability management tools. 
  • Experience securing CI/CD pipelines and automation systems 
  • Documented experience and a strong working knowledge of the methodologies to conduct threat-modeling exercises on new applications and services. 
  • Full-stack knowledge of IT infrastructure (Applications, Databases, Operating systems — Windows, Unix, Linux and OpenVMS, Virtualization Hypervisors, IP networks — WAN and LAN, Storage networks, Containers – Docker/Kubernetes) 
  • Direct experience designing IAM technologies and services 

Experience:  

  • Minimum ten (10) years of experience in progressively advancing roles within Technology or a related function  
  • Minimum five (5) years of Security Architect experience.  
  • Minimum ten (10) years of experience as an Enterprise Architect or related role 
  • Proven experience in developing and implementing business and application architectures within a technology function of an organization 

Critical Skills:  

  • Analytical thinking and problem-solving skills with an ability to negotiate and trade-off technology options against goals and cost  
  • Demonstrated ability to easily deal with both abstract and concrete concepts and be able to reconcile and translate them for the appropriate audience and context  
  • Proven ability to maintain both a strategic long-term outlook and enterprise perspective, while also supporting tangible, business-driven, and IT-delivered solutions 
  • Quickly understand organizational dynamics and management priorities, and to be able to work effectively in a fast paced, iterative, results driven company 
  • Strong ability to work in ambiguity and collaboratively to bring clarity and resolve problems and issues 
  • Demonstrated ability to interpret business needs at a tactical and strategic level 
  • Highly organized and able to assist the business and technology stakeholders in governance processes 
  • Strong ability to combine business and technical thinking  
  • Exceptional communication skills, with the ability to collaborate across cross-functional teams, translate complex cybersecurity concepts into clear, actionable insights for non-technical stakeholders, and ensure precise, comprehensive documentation to support security protocols and compliance 

​​Negotiation and Influence: ability to negotiate and influence effectively while being open to perspectives and maintaining strong relationships  

Strategic Thinker: strong strategic and critical thinker with ability to delve into unique challenges and find creative solutions 

Collaboration & Fun: inclusive and collaborative work style while creating fun and excitement in our work 

​Integrity and Trust: do what’s right and operate with transparency and openness 

Licenses, Registrations, Certificates: 

​​AGCO Category 1 Gaming Assistant Registration (Initiated at offer stage – employment is conditional upon obtaining and maintaining this license)​ 
​ 

PERKS OF JOINING OUR TEAM 

  • Part of a Bigger Picture: socially responsible company that gives back all its profits to the province and people of Ontario 
  • Flexible Work Environment: to help balance both work and life 
  • You Matter: family friendly work practices and hybrid work  
  • Freedom to Innovate: supports new and better ways to be successful 
  • Be your Authentic Self: environment that values diversity as a source of strength 
  • Learning Galore: 24-7 access to robust online learning programs   
  • Public Service Pension Plan: participate in a major defined benefit pension plan sponsored by the Government of Ontario  
  • Variable Pay Program: performance-based incentives to share in our success (Permanent OLG Employees Only) 

To learn more about OLG go to our website at  www.olg.ca    

We look forward to hearing from you, interested applicants please apply online at www.about.olg.ca/working-with-us/olg-careers/Cybersecurity Architect ​November 8, 2024​. 

We thank you for your interest in this opportunity; however only those individuals selected for an interview will be contacted. 

OLG is an equal opportunity employer. We are committed to providing employment accommodation in accordance with the Ontario Human Rights Code and the Accessibility for Ontarians with Disabilities Act. Please contact Human Resources at careers@olg.ca if you require accommodation at any time throughout the hire process.