Being part of Air Canada is to become part of an iconic Canadian symbol, recently ranked the best Airline in North America. Let your career take flight by joining our diverse and vibrant team at the leading edge of passenger aviation.
The Cybersecurity Operations Center is responsible for protecting the Air Canada technology environments from cyber threats and protecting personal, commercial and financial data. The Manager, Cyber Operations of the CSOC is accountable for maintaining a strong cyber incident response practice through a 24x7 operations center and maintaining and optimizing a collection of monitoring and intelligence technology. The manager will also be critical in delivering and providing informed input for security and business initiatives.
Responsibilities:
- Lead daily operations of the 24x7 Cybersecurity Operations Center
- Maintain and mature a comprehensive cyber incident response plan, including triage processes, escalation procedures, playbook development, and coordination of cross-functional response activities.
- Manage and optimize the security monitoring technology stack (SIEM, SOAR, EDR, threat intelligence tools)
- Develop and maintain threat detection configurations
- Effectively manage and mentor a team of cybersecurity analysts and engineers
- Manage relationship with a large managed services provider
- Fill the role of incident commander for major cyber events
- Collaborate with IT, Data and Digital teams to ensure secure operations, proper logging architectures, and alignment of detection and response capabilities.
- Provide cybersecurity input and recommendations into enterprise cybersecurity strategy and risk discussions
- Establish and track operational metrics and KPIs, reporting on threat trends, response performance, and system health
- Ensure CSOC processes, tools, and technologies are compliant with regulatory, privacy, and industry standards relevant to the aviation sector.
Qualifications
- University degree (and/or relevant experience) in a cybersecurity/tech related field
- 5+ years of experience with cyber operations
- Knowledge in asset classification and risk management frameworks
- Leadership experience with ability to work well with cross-functional teams
- Must be self motivated
- Strong communication skills, (written and verbal), and the ability to bridge the language between technology and business.
- Must be a team player with capacity to work with minimal supervision.
- Excellent interpersonal skills.
- Demonstrate punctuality and dependability to support overall team success in a fast-paced environment.
- Experience with cyber technologies an asset (Microsoft sentinel, Devo logichub, anomali, flashpoint)
Conditions of Employment:
Candidates must be eligible to work in the country of interest at the time any offer of employment is made and are responsible for obtaining any required work permits, visas, or other authorizations necessary for employment. Prior to their start date, candidates will also need to provide proof of their eligibility to work in the country of interest.
Linguistic Requirements
Based on equal qualifications, preference will be given to bilingual candidates.
Diversity and Inclusion
Air Canada is strongly committed to Diversity and Inclusion and aims to create a healthy, accessible and rewarding work environment which highlights employees’ unique contributions to our company’s success.
As an equal opportunity employer, we welcome applications from all to help us build a diverse workforce which reflects the diversity of our customers, and communities, in which we live and serve.
Air Canada thanks all candidates for their interest; however only those selected to continue in the process will be contacted.
