Join our Talent Network

Specialist, Cyber Security Operations Centre - 27702

Location: Canada
Posting Start Date: Dec 23, 2021
Posting End Date: Ongoing


Job Description


Being part of Air Canada is to become part of an iconic Canadian symbol, recently ranked the best Airline in North America. Let your career take flight by joining our diverse and vibrant team at the leading edge of passenger aviation.
The Cyber Security Operations Centre Specialist will be working in a fast paced and innovative environment for one of North America’s top airlines. The role is responsible for leading the technical direction of Air Canada’s cyber monitoring, detection, and response systems. Air Canada’s cyber security systems are foundational to protecting the data and systems that allow its customers to fly safely. Cyber security threats continue to evolve, and the Cyber Security Operations Centre Specialist role will evolve with it. As a specialist you will be expected to lead the technical direction of cyber security technologies, deploy, and configure new cyber security technologies, develop standard operating procedures that will be used by members of the Cyber Security Operations Centre team, inspire and train a team of 7x24 Cyber Security Analysts on preventing/detecting/responding to security threats, and establish relationships with Air Canada service owners to protect their data and systems.
  • Responsible for the security posture of Air Canada’s technology environment
  • Responsible for security monitoring, response, and remediation activities of Air Canada’s technology environment
  • Responsible for creating opportunities for new and previously unknown avenues for threat intelligence
Functional Accountabilities
  • Develop and maintain a Security Incident Event Management (SIEM) system for a 7x24 team of cyber security analysts
  • Develop and maintain detection and response technologies that continuously evolve with the changing cyber threat landscape
  • Act as an escalation point for tier 1 and 2 cyber security analysts responding to cyber security incidents
  • Create, support, and maintain all pertinent documentation, which includes but is not limited to, root cause analysis, standard operating procedures, incident response plans, applicable standards for monitoring and security tooling
  • Automate Security related tasks with a high degree of efficiency leveraging a SOAR platform
  • Perform Digital Forensics, Incident Response (DFIR) and threat hunting activities using relevant actor TTP's and IOCs
  • Monitor compliance with information security policies and procedures
  • Develop, manage, measure and report on key service-level metrics showcasing the effectiveness of the Cyber Security Operations program
  • Provide expertise in the definition, selection and implementation of IT Security and Business Continuity related controls to the IT Department
  • Develop and communicate operational security objectives; inspire, motivate and train team members to follow and achieve organizational security standards
  • Lead business and technology analysis efforts for the Cyber Security Operations Centre
  • Lead requirements and analysis efforts, including translating business requirements
  • Lead use case creation efforts
  • Lead Planning and monitoring processes for a particular functional area
  • Define and maintain methods, techniques and calculations for identifying ways to improve security operational processes
  • Be a senior technical resource and subject matter expert on matters related to cyber security
  • Build relationships throughout the organization to enhance and support our focus on safe, secure, and reliable operations
  • Maintain up-to-date understanding of security threats, countermeasures, security tools and network technologies


  • Certification in Information Security (Any advanced blue/purple team training) 
  • Demonstrated experience (5 years +): Incident/Major Incident, ITIL process concepts and execution (Incident Management, Problem Management, and Change Management), cyber security incident response, Enterprise SIEM technologies (ie. Sentinel, Arcsight, Splunk, QRadar, LogRhythm), Threat intelligence management
  • Experience with enterprise SOAR technologies (ie, LogRhythm, Logichub, Demisto, etc.)
  • Experience and knowledge of packet flow, TCP/UDP traffic, firewall technologies, IPS technologies, proxy technologies, WAF Technologies, mail filtering solutions, antivirus, EDR, Windows and *NIX operating systems
  • Scripting knowledge in Python and PowerShell 
  • This position requires a high level of availability and flexibility as shift work may be part of the requirement as this role is part of our 24/7 IT Operations.
  • Able to communicate effectively and to work collaboratively with all levels of the organization with superior verbal and written skills
  • Superior customer service and client interfacing skills
Work Experience
  • 7-12 years of IT technology, operations and people leadership experience in a large company 
Desired Education 
  • A relevant University degree/technical certification, and/or relevant experience commensurate to the role
Behavioral Competencies
  • Ability to work effectively under pressure and in rapidly changing environments or uncertain conditions.
  • Takes responsibility for the results and actively participates in the future direction of the organization
  • Ability to work cooperatively with others on a team, and to establish and maintain effective business relationships
  • Ability to maintain a professional and assertive demeanor under challenging situations and possesses confidence to act on critical decisions.
  • Able to handle multiple tasks in a fast-paced environment.
Working Conditions:
  • After hours on-call support for escalations
  • Ability to travel and work effectively with remote teams
  • Working from home office if not located at core locations
Conditions of Employment:
  • Candidates must be eligible to work in the country of interest, at the time any offer of employment is made and seeking any required work permits/visas or other authorizations which may be required is the sole responsibility of the candidates applying for this position.
  • Mandatory Covid-19 Vaccination Required
Linguistic Requirements

Based on equal qualifications, preference will be given to bilingual candidates. 
Diversity and Inclusion
Air Canada is strongly committed to Diversity and Inclusion and aims to create a healthy, accessible and rewarding work environment which highlights employees’ unique contributions to our company’s success.
As an equal opportunity employer, we welcome applications from all to help us build a diverse workforce which reflects the diversity of our customers, and communities, in which we live and serve.

Air Canada thanks all candidates for their interest; however only those selected to continue in the process will be contacted.