Accelerate your career with the most awarded Air Cargo Airline in Canada!
Cargojet is Canada's leading provider of time-sensitive overnight air cargo services and carries over 1,300,000 pounds of cargo each business night. Cargojet operates its network across North America each business night, utilizing a fleet of all-cargo aircraft Cargojet has been awarded one of Canada’s 50 Best Managed Companies as well as being awarded the Shipper’s Choice Award for the best Air Cargo Carrier in Canada for the past number of years. Being part of Cargojet will allow you to become a part of a diverse and vibrant family at the leading edge of the air cargo industry both domestically and internationally. Cargojet team members are dedicated, hardworking, and have a strong sense of leadership and commitment.
Job Summary:
Under the general direction of the Director of Information Technology and working hand on hand with the Cybersecurity Lead, the successful applicant will play a vital role in safeguarding the organization's digital assets and protecting sensitive information from unauthorized access, threats, and vulnerabilities.
Job duties and responsibilities:
- Operate and support core security controls, including vulnerability management, secure configuration, patching, and remediation tracking.
- Collaborate with IT and engineering teams to provide security best-practice guidance and support secure system design.
- Participate in security monitoring, incident investigation, and response, including root cause analysis and coordination with SOC partners.
- Support email security, phishing, and user security awareness initiatives, including analysis and containment of reported threats.
- Support data security and privacy controls, including encryption, DLP, access governance, and business continuity/disaster recovery readiness.
- Maintain and improve security processes, documentation, and automation, leveraging scripting where appropriate.
- Assist with internal security assessments, third-party risk activities, and remediation tracking.
- Support identity, access, and privilege management, including RBAC, MFA, PAM, and least-privilege enforcement.
- Assist in securing cloud and infrastructure environments (AWS) in alignment with industry frameworks such as NIST and CIS.
- Monitor emerging threats and security advisories and take appropriate action to reduce risk.
- Support coordination with third-party cybersecurity service providers, including threat monitoring and cyber insurance partners.
Job requirements and qualifications:
- Post-secondary degree or diploma in Information Technology from an accredited institution
- 5 years of progressive experience in Cybersecurity and Information Security roles
- Relevant certifications such as CEH/Security+, AWS Certified Security - Specialty, GCSA
- Nice to have certifications such as CISSP/CISM, CISA, GIAC
- Hands-on experience in conducting Threat Risk Assessments, Vulnerability Assessments, Penetration Testing, Incident Response
- Deep experience in the application and management of frameworks like NIST, ISO 27001, SANS 20
- Proven leadership and collaboration skills, and ability to communicate complex concepts at all levels
- Hands-on experience in the implementation and management of technologies and processes used to safeguard information assets
