Being part of Air Canada is to become part of an iconic Canadian symbol, recently ranked the best Airline in North America. Let your career take flight by joining our diverse and vibrant team at the leading edge of passenger aviation.
This team is focused on developing and driving IT risk and cybersecurity compliance strategies, policies/standards, ensuring the effectiveness of solutions, and providing IT risk management and security-focused consultative services to the organization. The Analyst, Cybersecurity will plan, execute, and help efforts to manage risk and mitigation/response, compliance, control assurance, and user awareness for the organization.
This role will be reporting to the Manager, Cybersecurity.
- Assists in developing, implementing, and managing enterprise risk management strategy to ensure thorough and robust approach to monitoring, evaluating, and managing information technology & Cybersecurity risks across the enterprise
- Ensure adherence to laws and regulations, internal policies, processes, and procedures
- Identify potential information technology & Cybersecurity risks and assess impact, probability of occurrence and timeframe
- Assist in the development and implementation of a standard framework to assess the relative scope and magnitude of information technology, regulatory and compliance risks
- Assist in the development, implementation and monitoring approach for evaluating risks, including defining risk categories, tolerances and weighting
- Provide guidance and subject matter expertise regarding information technology & Cybersecurity risks and mitigation planning to stakeholders across the organization
- Works with enterprise risk groups and co-ordinates internal and external audits
- Owns the risk register and compliance action items to ensure IT is compliant to Air Canada’s corporate risk requirements
- Supports Air Canada’s compliance to PCI- DSS, C-SOX (NI 52-109), SOC2, PIPEDA and other compliance requirements
- Work closely with relevant stakeholders to collect and use information for improved business and operational performance
- Reviewing and analyzing data from multiple internal and external stakeholders
- Communicating analysis results and making recommendations to relevant stakeholders
- Provide support for the business analysis and technology/business integration efforts
- Analyze technology trends to determine impact to the achievement of business goals
- Support in creating business cases
- Support Planning and monitoring processes
- Support definition and maintenance of methods, techniques and calculations for identifying ways to improve business/technical processes
- Works within a functional area to ensure synergistic collaboration and attain shared goals.
- Supports the development of technical capabilities
- Responsible for actively supporting the development and enhancement of processes, priorities, and goals for Risk & Compliance
- Responsible for driving continuous improvement objectives for Risk & Compliance
- 4 or more years of IT Audit/Risk Management/Compliance
- Experience in PCI, 52-109, SOC2 or equivalent is required
- Certified Information Systems Auditor is an asset
- Certified Information Systems Security Professional (CISSP) is an asset
- A relevant University degree/technical certification, and/or relevant experience commensurate to the role
- Demonstrate significant technical depth to balance tactical and strategic priorities
- Exceptional analytical, organizational and communication skills
- Self-motivated and independent worker
- Possess investigative nature and be self-motivated
- Results oriented with proactive and methodical approach to problem solving
- Able to multi-task and work under pressure against tight deadlines and changing priorities
- Must be a team player with ability to work closely with diverse groups and working styles
- Ability to establish and maintain effective business relationships
- Flexibility and willingness to work extended hours, when required
Conditions of Employment:
Based on equal qualifications, preference will be given to bilingual candidates.
Diversity and Inclusion
Air Canada is strongly committed to Diversity and Inclusion and aims to create a healthy, accessible and rewarding work environment which highlights employees’ unique contributions to our company’s success.
As an equal opportunity employer, we welcome applications from all to help us build a diverse workforce which reflects the diversity of our customers, and communities, in which we live and serve.
Air Canada thanks all candidates for their interest; however only those selected to continue in the process will be contacted.