Location Address:

100 Queens Quay East, 9th Floor, Toronto

Number of Openings:

1

Pay:

$73,027.00 - $127,554.00

Job Posting Description:

Senior Cybersecurity GRC Specialist

#LI-Hybrid

Are you looking for an exciting opportunity to work in cybersecurity with the LCBO? Then this role may be the next career step for you! Reporting to the Senior Manager GRC, you will support our cybersecurity oversight mandate by ensuring adherence to governance and compliance standards, focusing on the management and coordination of the MSSP.

You will monitor performance metrics, ensuring SLAs are met, and providing strategic recommendations to enhance the security program. This specialist will also ensure that cybersecurity risks are managed through oversight, governance, and collaboration with third-party service providers.

About the Role

Governance and Performance Management (30%)

• Monitor MSSP adherence to SLAs through regular reviews of operational dashboards, monthly performance reports, and ad hoc service metrics.
• Ensure MSSP activities comply with LCBO's internal governance standards and regulatory requirements (e.g., PCI-DSS, GDPR).
• Participate in reviews with MSSP to discuss service performance, areas for improvement, and latest needs.
• Evaluate MSSP performance metrics and provide reporting to management, ensuring alignment with strategic goals.
• Compile and analyze data from MSSP performance reports to assess the effectiveness of provided services and address performance or compliance gaps.
• Report on the status of cybersecurity operations, focusing on trends, risks, and opportunities for improvement and develop applicable recommendations

Risk (25%)

• Work with MSSP to review third-party risk assessments
• Help facilitate and complete cybersecurity risk assessments for LCBO
• Work with MSSP to establish proactive monitoring and threat-hunting protocols to reduce the likelihood of recurring incidents
• Lead scheduled service assessments to evaluate MSSP's alignment with LCBO's operational and security objectives.
• Ensure all audit findings are documented and addressed promptly to maintain compliance and mitigate risks.
• Collaborate with IT Governance team on internal and external audit requirements and in implementing agreed upon recommendations.

Collaboration and Compliance (25%)

• Lead collaboration internally to align MSSP activities and deliverables with organizational goals.
• Support in the evaluation of project related cyber risks and collaborate with the Innovation team on GenAI related evaluations.
• Be a cybersecurity advisor to help teams understand MSSP capabilities and ensure seamless integration into projects.
• Coordinate with MSSP to ensure accurate submission of evidence for audits and regulatory assessments.
• Participate in internal and external audits as the representative for MSSP-managed services, addressing queries and clarifications.
• Maintain a repository of compliance-related documentation, ensuring MSSP always remains audit-ready.

Strategy & Planning (20%)

• Research advancements in cybersecurity technologies and MSSP practices to identify opportunities for service enhancements.
• Help create new RFPs' and contracts.
• Analyze industry benchmarks and trends to recommend adjustments to LCBO's cybersecurity outsourcing strategy.
• Attend relevant conferences, webinars, or industry forums to stay updated on the latest threats and solutions.
• Provide input and feedback during the RFP process, ensuring that security requirements are accurately defined and included in procurement documents.

About You

• Post-secondary education in Computer Science, Information Systems, Cybersecurity or an equivalent of related education and experience.
• 3+ years of progressive experience in cyber related roles preferably with a focus on MSSP oversight, governance and compliance.
• Professional certification such as CISSP, CRISC, CISA or CISM.
• Practical experience with cloud security (Azure, AWS and GCP) and Vulnerability Management.
• Knowledge of Management frameworks such as NIST CSF, ISO 27001, etc.
• Knowledge of incident response processes, including MSSP collaboration.
• Understanding of compliance standards such as PCI-DSS, GDPR, or Canadian-specific cybersecurity regulations.
• Capacity to align MSSP operations with LCBO’s long-term cybersecurity goals.
• Experience analyzing cybersecurity metrics and produce executive-level reports.

We offer a comprehensive suite of benefits including:

• Health/Dental Benefits
• Access to an Employee & Family Assistance Program
• a Defined Benefit Pension
• Discounts on products and services via Workperks.

There is a world of opportunities at the LCBO…

Join an organization where you can be challenged while achieving your true potential. A place where you can make a positive impact supporting Ontario business and communities. Discover a safe, healthy, diverse, inclusive, and accountable workplace where your wellbeing is our top priority. At the LCBO, your contributions are respected and valued. Be part of our journey as we invest in people and technology to transform an organization. There really is a world of opportunities at the LCBO.

We foster a culture of inclusion and belonging, so everyone feels valued, respected, and heard. The LCBO is an equal opportunity employer and committed to providing employment accommodation in accordance with the Ontario Human Rights Code and the Accessibility of Ontarians with Disabilities Act. If contacted for an interview or employment opportunity, please advise if you require an accommodation.

Please submit your resume via Workday by 11:59pm on the deadline date. We appreciate your interest and advise that only those selected for an interview will be contacted.

The LCBO collects and uses the personal information you provide under the authority of the Liquor Control Board of Ontario Act, 2019, SO 2019, c 15, Sch 21, Section 3 and in compliance with the Freedom of Information and Protection of Privacy Act for the sole purpose of processing your job application. When you click “Apply with LinkedIn” you are agreeing to share your information with our service providers engaged by us in connection with recruitment and human resources related activities.

If you have any questions concerning the LCBO’s collection and use of personal information, please contact the Freedom of Information and Privacy Office.

Work Hours:

36.25

Union / Non-Union:

Non-Union

Job Posting End Date:

July 31, 2025

The LCBO is an equal opportunity employer and committed to providing employment accommodation in accordance with the Ontario Human Rights Code and the Accessibility for Ontarians with Disabilities Act.