Join our Talent Network

Specialist, IT & Cyber Operations (IAM) - 29190

Location: Canada
Posting Start Date: Apr 14, 2022
Posting End Date: Ongoing


Job Description


Being part of Air Canada is to become part of an iconic Canadian symbol, recently ranked the best Airline in North America. Let your career take flight by joining our diverse and vibrant team at the leading edge of passenger aviation.
The IAM specialist will be responsible for the maintenance and enhancement of the Air Canada PAM – Privileged Access Management platform and ensure it conforms to the cybersecurity control framework. He/she is responsible to engage and interact with various technology owners, including operations and risk management to ensure that the solution architecture and controls appropriately protect Air Canada and that their effectiveness is optimized. The specialist is also responsible to drive the cyber risk reduction strategy which will involve hands on involvement in Azure AD role management, SSO configuration and optimization.
This role reports into the Manager, IT and Cyber Operations.
Key Functions
  • Responsible for overall security posture of Air Canada’s technology environment with a specific focus in the Identity and Access Management domain
  • Coordinate with operational groups and business units to set up, implement, and maintain identity and access management measures to prevent or detect security incidents or breaches
  • Is this the thought and technical leader for at least 3 IAM platforms (ie, CyberArk, Azure AD, and Ping Fed)
  • Develop and communicate organizational objectives; inspire, motivate and train team members to follow and achieve organizational security standards
  • Generate security reports for IT administrators and business managers to evaluate the efficacy of security systems and policies
  • Lead business and technology analysis efforts for the Cybersecurity Control Framework
  • Lead requirement and systems analysis efforts, including translating business requirements
  • Works with entire risk team to ensure the adherence to the control framework and its integration with the risk methodology 
  • Participate on agile teams
  • Lead business case creation efforts to increase the effectiveness of the controls
  • Lead Planning and monitoring processes for the Cybersecurity Control Framework
  • Provide management with economic impact and compliance issues surrounding key business decisions
  • Define and maintain methods, techniques and calculations for identifying ways to improve business/technical processes


  • A relevant University degree/technical certification, and/or relevant experience commensurate to the role
  • Minimum 9 years of IT technology, operations and people leadership experience in a large company
  • Minimum 8 years in an information security/compliance role 
  • 5+ years of progressive experience designing and implementing Privileged Access Management (PAM) solutions for enterprise organizations
  • 5+ years experience with administering and engineering CyberArk Thycotic or other PAM solutions for integrating privileged accounts for associates, applications, services, Safes, Policies, roles, permissions to access various systems including windows servers, UNIX servers, cloud platforms and applications
  • + 5 years experience, developing enterprise-wide policies and standards for Active Directory, Azure Active Directory, Amazon Web Services Integrated Access Management or similar, and setting best practices for maintenance and operations of a geographically or logically diverse multi-site Active Directory environment or a cloud-based IAM platform such as Azure Active Directory
  • 3+ years of engineering and development of security agents / solutions to integrate into Security Orchestration, Automation and Response.
  • 3+ years of engineering for back-end management server infrastructure and databases
  • 3+ years of integration with analytics and compliance tooling
  • 2+ years of experience in gathering IAM business requirements and developing the technical design document.
  • Previous experience in managing and working with strategic partners (outsourced model)
  • IT security certifications is an asset (SSCP, CISM, CISA, or CISSP)
  • In-depth knowledge of cybersecurity control frameworks (NIST, ISO, etc).
  • Experience in IT security risk management is an asset
  • Experience with PCI and 52-109 is an asset
  • Ability to work across multiple technical teams to set direction and priority
  • Experience with working within multidisciplinary and collaborative environments
  • Exceptional analytical, organizational and communication skills
  • Self-motivated and independent worker
  • Possess investigative nature and be self-motivated
  • Results oriented with proactive and methodical approach to problem solving
  • Able to multi-task and work under pressure against tight deadlines and changing priorities
  • Must be a team player with ability to work closely with diverse groups and working styles
  • Ability to establish and maintain effective business relationships
  • Flexibility and willingness to work extended hours, when required
Conditions of Employment:
  • Candidates must be eligible to work in the country of interest, at the time any offer of employment is made and seeking any required work permits/visas or other authorizations which may be required is the sole responsibility of the candidates applying for this position.
Linguistic Requirements

Based on equal qualifications, preference will be given to bilingual candidates. 
Diversity and Inclusion
Air Canada is strongly committed to Diversity and Inclusion and aims to create a healthy, accessible and rewarding work environment which highlights employees’ unique contributions to our company’s success.
As an equal opportunity employer, we welcome applications from all to help us build a diverse workforce which reflects the diversity of our customers, and communities, in which we live and serve.

Air Canada thanks all candidates for their interest; however only those selected to continue in the process will be contacted.

Similar Jobs

Cybersecurity Risk Specialist

DORVAL, QC, Canada

Enterprise Platform Specialist

DORVAL, QC, Canada