Join our Talent Network

Specialist Cyber Operations - 35192

Location: TORONTO, ON, Canada
Posting Start Date: Mar 26, 2024
Posting End Date: Apr 9, 2024


Job Description


Being part of Air Canada is to become part of an iconic Canadian symbol, recently ranked the best Airline in North America. Let your career take flight by joining our diverse and vibrant team at the leading edge of passenger aviation.

The Cyber Security Operations Centre Specialist will be working in a fast paced and innovative environment for one of North America’s top airlines. The role is responsible for the protection of Air Canada’s public digital assets that provide services to our customers and employees. Air Canada’s cyber security systems are foundational to protecting the data and systems that allow its customers to fly safely. Cyber security threats continue to evolve, and the Cyber Security Operations Centre Specialist role will evolve with it. As a specialist you will be expected to lead the technical direction of cyber security technologies protecting our web applications, collaborate with development teams, design and implement mitigating strategies against bots, scarpers, and attacks against Air Canada. 


  • Responsible for the security posture of Air Canada’s technology environment.
  • Responsible for Web Application Firewall, monitoring, onboarding of applications, responding to outages and attacks.
  • Responsible for continued improvement of preventative and mitigating strategies on our Web Applications.

Functional Accountabilities

  • Develop and manage Web Application Firewall (WAF) services. 
  • Work with Content Delivery services for major web applications.
  • Develop and maintain use cases to identify and prevent suspicious, atypical traffic or general attacks against Air Canada Web Applications. Test and validate rules with a high degree of confidence.
  • Act as an escalation point for development and business teams impacted by outages or attacks.
  • Create, support, and maintain all pertinent documentation, which includes but is not limited to, root cause analysis, standard operating procedures, incident response playbooks, applicable standards for monitoring and security tooling.
  • Monitor compliance with information security policies and procedures.
  • Develop, manage, measure and report on key service-level metrics showcasing the effectiveness of the Cyber Security Operations program.
  • Provide expertise in the definition, selection and implementation of IT Security and Business Continuity related controls to the IT Department.
  • Develop and communicate operational security objectives; inspire, motivate and train team members to follow and achieve organizational security standards.
  • Identifies, analyzes patterns, and responds accordingly to security events.
  • Support and manage DNS changes.
  • Facilitate registrar purchases and transfers for domains.


  • Lead business and technology analysis efforts for the Cyber Security Operations Centre.
  • Lead requirements and analysis efforts, including translating business requirements.
  • Lead Planning and monitoring processes for a particular functional area (Web Application Security).
  • Define and maintain methods, techniques and calculations for identifying ways to improve security operational processes.
  • Be a senior technical resource and subject matter expert on matters related to cyber security and web application security including WAF and CDN.
  • Build relationships throughout the organization to enhance and support our focus on safe, secure, and reliable operations.
  • Maintain up-to-date understanding of security threats, countermeasures, security tools and network technologies.
  • Act as a senior resource for a group of junior resources.


  • A relevant University degree/technical certification, and/or relevant experience commensurate to the role.
  • 7-12 years of IT technology, operations and people leadership experience in a large company.
  • Certification in any Information Security (Any advanced blue /red team training). 
  • Demonstrated experience (5 years +): Incident/Major Incident, ITIL process concepts and execution (Incident Management, Problem Management, and Change Management), cyber security incident response, Enterprise SIEM technologies (ie. Sentinel, Arcsight, Splunk, QRadar, LogRhythm), Threat intelligence management.
  • Experience with packet flow concepts, TCP/UDP traffic, HTTP and interactions between clients and servers, firewall technologies, and IPS technologies 
  • Familiarity with various types of attacks targeting web applications such as SQLi, XSS, CSRF, etc.
  • Knowledge of the OWASP top 10 threats. 
  • Experience with key WAF concepts such as Anti-Bot, Anti-DDOS, rate limiting. 
  • This position requires a high level of availability and flexibility as shift work may be part of the requirement as this role is part of our 24/7 IT Operations.
  • Able to communicate effectively and to work collaboratively with all levels of the organization with superior verbal and written skills.
  • Superior customer service and client interfacing skills.
  • Certification in any WAF technologies an asset.

Behavioral Competencies

  • Excellent communication skills, capable of conveying complex security and caching concepts to both technical and non-technical stakeholders.
  • Ability to work effectively under pressure and in rapidly changing environments or uncertain conditions.
  • Takes responsibility for the results and actively participates in the future direction of the organization.
  • Ability to work cooperatively with others on a team, and to establish and maintain effective business relationships.
  • Ability to maintain a professional and assertive demeanor under challenging situations and possesses confidence to act on critical decisions.
  • Able to handle multiple tasks in a fast-paced environment.

Working Conditions:

  • After hours on-call support for escalations.
  • Ability to travel and work effectively with remote teams.
  • Three times a week in the office at core locations.

Conditions of Employment:

  • Candidates must be eligible to work in the country of interest, at the time any offer of employment is made and seeking any required work permits/visas or other authorizations which may be required is the sole responsibility of the candidates applying for this position.

Linguistic Requirements

Based on equal qualifications, preference will be given to bilingual candidates.

Diversity and Inclusion

Air Canada is strongly committed to Diversity and Inclusion and aims to create a healthy, accessible and rewarding work environment which highlights employees’ unique contributions to our company’s success.

As an equal opportunity employer, we welcome applications from all to help us build a diverse workforce which reflects the diversity of our customers, and communities, in which we live and serve.

Air Canada thanks all candidates for their interest; however only those selected to continue in the process will be contacted.