Cybersecurity Risk Specialist - 32376

Job Description

Description

• Leads in the development and implementation of the IT Risk framework to assess the risks quantitatively
• Leads and advises on identification of cyber risks, communication, and development of best practices, and implementation of mitigating controls consistent with company strategy.
• Supporting the leadership team on strategic initiatives specific to the respective portfolio
• Leads, monitor and advises on the execution of risk management activities and assessments
• Provide expertise in the definition, selection and implementation of IT Security related controls
• Coordinate with operational groups and business units to set up and implement various cybersecurity controls and measures.
• Contribute to the development documentation, monitoring and maintenance of information security standards, policies and protocols to ensure organizational infrastructure, data and resources are protected from unauthorized and inappropriate use or access
• Act as a subject matter expert for all application security related questions. 
• Lead the delivery of cyber capabilities for Air Canada.
• Advise on meeting compliance with information security policies and procedures
• Generate security reports for IT administrators and business managers to evaluate the efficacy of security systems and policies
• Track risks and contribute to the development and improvement of Air Canada GRC tool.
• Support business initiatives, while making sure any Cyber specific risk introduced is properly managed
• Implement and manage governance around business partner/security management both internally and externally
• Ensure that the company’s internal technological processes and services comply with community expectations, laws, and regulations for privacy, security, and social responsibility
• Represent the organization and take an active participation on different IT business or security airline specific forums

Qualifications

• A relevant University degree/technical certification, and/or relevant experience commensurate to the role
• 9-12 years of IT technology with minimum 5 years in an IT Security role, operations and people leadership experience in a large company
• Extensive information security understanding and knowledge
• Certification in Risk Management or Analysis (FAIR) (recommended)
• Certification in Information Security (CISSP, ISC, CISM) practices and policies (recommended)
• Advanced Archer technical knowledge
• Exceptional analytical, organizational and communication skills
• Self-motivated and independent worker
• Possess investigative nature and be self-motivated
• Results oriented with proactive and methodical approach to problem solving (Critical thinking)
• Able to multi-task and work under pressure against tight deadlines and changing priorities
• Must be a team player with ability to work closely with diverse groups and working styles
• Ability to establish and maintain effective business relationships
• Flexibility and willingness to work extended hours, when required
• Candidates must be eligible to work in the country of interest, at the time any offer of employment is made and seeking any required work permits/visas or other authorizations which may be required is the sole responsibly of the candidates applying for this position. 

• Candidates must be eligible to work in the country of interest, at the time any offer of employment is made and seeking any required work permits/visas or other authorizations which may be required is the sole responsibility of the candidates applying for this position.