Posted 15 days ago
About SNDL
SNDL is the largest private sector liquor and cannabis retailer in Canada with retail banners that include Ace Liquor, Wine and Beyond, Liquor Depot, Value Buds, and Spiritleaf. As a licensed cannabis producer, SNDL also has indoor state-of-the-art grow-op facilities to supply wholesale and retail customers under a cannabis brand portfolio that includes Top Leaf, Sundial, Palmetto, Spiritleaf Selects, and Grasslands. SNDL's investment portfolio seeks to deploy strategic capital through direct and indirect investments and partnerships throughout the global cannabis industry.
About the Role
Reporting to the Vice President of Business Technology Operations, the Manager, Business Technology (BT) Security and Compliance is responsible for leading the day-to-day operations and continuous improvement of a 24x7x365 BT Security & Compliance team for all SNDL Business Units and banners. This position will be responsible for designing, maintaining, configuring, troubleshooting, auditing, and documenting the status of all security and compliance controls. The position supports the organization's technology needs to provide a robust, secure, and reliable computing environment.
Key Attributes:
Role and responsibilities include, but are not limited to:
General Responsibilities
Security-Related Skills and Initiatives
Technology Policy Development: Develop and enforce security policies, procedures, and guidelines in alignment with industry standards and regulatory requirements.
Risk Assessment: Identify, assess, and prioritize security risks and vulnerabilities within the organization's technology systems and networks.
Security Architecture: Participate in the design and implementation of robust security architectures for networks, systems, applications, and data to safeguard against cyber threats and ensure compliance.
Security Awareness Training: Conduct security awareness training programs to educate employees about best practices for data protection, password security, phishing awareness, and other relevant topics.
Compliance: Ensure compliance with relevant data protection laws, regulations, and industry standards (e.g., GDPR, PCI DSS).
Security Tools Management: Oversee the selection, deployment, and management of security tools and technologies such as firewalls, intrusion detection/prevention systems (IDS/IPS), antivirus software, encryption tools, and security information and event management (SIEM) systems.
Vulnerability Management: Implement processes for identifying, prioritizing, and remediating security vulnerabilities across the organization's IT infrastructure.
Security Audits and Assessments: Conduct regular security audits and assessments to evaluate security controls' effectiveness and identify areas for improvement.
Collaboration: Collaborate with cross-functional teams, including IT, legal, compliance, and business units, to ensure a holistic approach to security and compliance.
Budgeting and Resource Management: Develop and manage the security budget, allocate resources effectively, and invest strategically in security initiatives.
Continuous Improvement: Stay informed about emerging threats, technologies, and best practices in cybersecurity, and continuously improve the organization's security posture.
Technology Compliance-Related Skills and Initiatives
Regulatory Compliance: Stay abreast of relevant laws, regulations, and industry standards relating to technology and data management (e.g., GDPR, Sarbanes Oxley (SOX), PCI DSS) and ensure the organization's IT practices adhere to these requirements.
Required Competencies
We are grateful for the interest in this role from all candidates, however, we will be contacting only those that are selected for next steps in the hiring process.
Our Commitment to Diversity & Inclusion:
SNDL is an equal opportunity employer. We are committed to building a welcoming, inclusive, diverse and safe workplace where all of our team members have equal opportunity to succeed. We know this begins with recruitment. To honor our commitment, SNDL encourages applications from individuals of all backgrounds, sexual orientation, gender identity, ancestry, ages and abilities.
SNDL Inc. in Edmonton, Alberta, Canada