Are you passionate about reaching new heights, teamwork and making a meaningful contribution? Do you picture yourself as a valued member of an industry-leading organization? If you answered yes to these questions, Air Canada is seeking enthusiastic individuals to join the diverse and vibrant team working together to lead the growth and expansion of Canada’s flag carrier.
Creates, implements and drives the efficient/effective planning and execution of the enterprise wide compliance and risk management strategies.
Owns and risk and compliance function for IT.
- Assists in developing, implementing and managing enterprise risk management strategy to ensure thorough and robust approach to monitoring, evaluating and managing information technology risks across the enterprise
- Ensure adherence to laws and regulations, internal policies, processes and procedures
- Identify potential information technology risks and assess impact, probability of occurrence and timeframe
- Develop and implement a standard framework to assess the relative scope and magnitude of information technology, regulatory and compliance risks
- Develop, implement and monitor approach for evaluating risks, including defining risk categories, tolerances and weighting
- Provide guidance and subject matter expertise regarding information technology risks and mitigation planning to stakeholders across the organization
- Works with enterprise risk groups and co-ordinates internal and external audits
- Owns the risk register and compliance action items to ensure IT is compliant to Air Canada’s corporate risk requirements
- Ensure Air Canada’s compliance to PCI- DSS, C-SOX (NI52-109), PEPIDA and other compliance requirements
- Work closely with relevant stakeholders to collect and use information for improved business and operational performance
- Reviewing and analyzing data from multiple internal and external stakeholders
- Communicating analysis results and making recommendations to relevant stakeholders
- Provide support for the business analysis and technology/business integration efforts
- Analyze technology trends to determine impact to the achievement of business goals
- Support in creating business cases
- Support Planning and monitoring processes
- Provide management with economic impact and compliance issues surrounding key business decisions
- Support definition and maintenance of methods, techniques and calculations for identifying ways to improve business/technical processes
- 5-10 or more years of IT Audit/Risk Management, Compliance and people leadership in a large company or Big 4 audit firm
- Certified Information Systems Auditor (CISA) is required, CISSP is an asset
- Experience in PCI, 52-109 and ISO 27001 or equivalent
- A relevant University degree/technical certification, and/or relevant experience commensurate to the role
- Demonstrate significant technical depth to balance tactical and strategic priorities
- Exceptional analytical, organizational and communication skills
- Self-motivated and independent worker
- Possess investigative nature and be self-motivated
- Results oriented with proactive and methodical approach to problem solving
- Able to multi-task and work under pressure against tight deadlines and changing priorities
- Must be a team player with ability to work closely with diverse groups and working styles
- Ability to establish and maintain effective business relationships
- Flexibility and willingness to work extended hours, when required
Based on equal qualifications, preference will be given to bilingual candidates.
Diversity and Inclusion
Air Canada is strongly committed to Diversity and Inclusion and aims to create a healthy, accessible and rewarding work environment which highlights employees’ unique contributions to our company’s success.
As an equal opportunity employer, we welcome applications from all to help us build a diverse workforce which reflects the diversity of our customers, and communities, in which we live and serve.
Air Canada thanks all candidates for their interest; however only those selected to continue in the process will be contacted.