Specialist, Cybersecurity - Cloud Security - 33542

Job Description

Description

Being part of Air Canada is to become part of an iconic Canadian symbol, recently ranked the best Airline in North America.

Let your career take flight by joining our diverse and vibrant team at the leading edge of passenger aviation.

The Specialist, Cybersecurity will be working in a fast paced and innovative environment supporting the overall security posture of Air Canada's technology environment.

Air Canada's cybersecurity systems are foundational to protecting the data and systems that allow its customers to fly safely.

The Specialist, Cybersecurity role acts as a security subject matter expert and provides guidance concerning IT risks and security assessments for Air Canada and its affiliates.

He / she will evaluate Air Canada's existing security systems to determine potential cybersecurity risks, provide inputs on security requirements for personal, commercial and financial data as well as the operation of Air Canada IT networks and infrastructure.

Cybersecurity threats continue to evolve, and the Cybersecurity team will evolve with it.

This position will be reporting to Manager, Cybersecurity Advisory and Assessment

Responsibilities :

• Contribute to the development documentation, monitoring and maintenance of information security standards, policies and protocols to ensure organizational infrastructure, data and resources are protected from unauthorized and inappropriate use or access.
• Coordinate with operational groups and business units to set up and implement various cybersecurity controls and measures.
• Review and offer security recommendations for architecture diagrams.
• Periodically review and assess Air Canada's cloud instances and integrations (AWS and Azure).
• Lead the delivery and operationalization of cyber capabilities for Air Canada including cloud specific capabilities like CSPM, CNAPP, CWPP, CASB etc.
• Lead the definition and implementation of a Cloud security framework.
• Advise on meeting compliance with information security policies and procedures.
• Provide expertise in the definition, selection and implementation of IT Security related controls to the IT Department.
• Provide security advisory services by conducting tests on a current system to determine vulnerable areas.
• Generate security reports for IT administrators and business managers to evaluate the efficacy of security systems and policies.
• Track risks using the Air Canada GRC tool (Archer).
• Support the business initiatives, while making sure any Cyber specific risk introduced is properly managed.
• Identify Cyber risks, communicate and develop "best practice" solutions, and implement mitigating controls consistent with company strategy.
• Plan, coordinate and oversee activities related to the design, development and integration of information systems, operations systems and reporting systems in a business or security or risk context.
• Introduce new processes and ensure that gaps in the aforementioned items are identified and addressed ahead of time.
• Implement and manage governance around business partner / security management both internally and externally.
• Work with the vendor's teams (business and technical) to establish and review policies and IT direction.
• Perform project reviews to ensure that they align to Air Canada's business / information security requirements.
• Ensure that the company's internal technological processes and services comply with community expectations, laws, and regulations for privacy, security, and social responsibility.
• Represent the organization and take an active participation on different IT business or security airline specific forums.
• Supporting the leadership team on strategic initiatives specific to the respective portfolio.

Qualifications

• A relevant University degree / technical certification, and / or relevant experience commensurate to the role.
• 9-12 years of IT technology with minimum 5 years in an IT Security role, operations and people leadership experience in a large company.
• Extensive Cloud, Infrastructure and Architecture understanding.
• Certification in Information Security (CISSP, ISC, CISM, CCSP) practices and policies.
• Exceptional analytical, organizational and communication skills.
• Self-motivated and independent worker.
• Possess investigative nature and be self-motivated.
• Results oriented with proactive and methodical approach to problem solving.
• Able to multi-task and work under pressure against tight deadlines and changing priorities.
• Must be a team player with ability to work closely with diverse groups and working styles.
• Ability to establish and maintain effective business relationships.
• Flexibility and willingness to work extended hours, when required

Conditions of Employment :

Candidates must be eligible to work in the country of interest, at the time any offer of employment is made and seeking any required work permits / visas or other authorizations which may be required is the sole responsibility of the candidates applying for this position.

Linguistic Requirements

Based on equal qualifications, preference will be given to bilingual candidates.

Diversity and Inclusion

Air Canada is strongly committed to Diversity and Inclusion and aims to create a healthy, accessible and rewarding work environment which highlights employees' unique contributions to our company's success.

As an equal opportunity employer, we welcome applications from all to help us build a diverse workforce which reflects the diversity of our customers, and communities, in which we live and serve.

Air Canada thanks all candidates for their interest; however only those selected to continue in the process will be contacted.