Description Being part of Air Canada is to become part of an iconic Canadian symbol, recently ranked the best Airline in North America. Let your career take flight by joining our diverse and vibrant team at the leading edge of passenger aviation. The Specialist, Cybersecurity Compliance will be working in a fast paced and innovative environment supporting the overall security posture of Air Canada’s technology environment: cyber monitoring, detection, and response systems. Air Canada’s cyber security systems are foundational to protecting the data and systems that allow its customers to fly safely. The Specialist, Cybersecurity Compliance acts as a cyber security subject matter expert and provides guidance concerning the cyber security program, cyber risks and compliance for Air Canada and its affiliates. He/she will consult, advise and lead the execution of cyber initiatives part of the cyber security program, and partner with teams across the company to optimize company’s security posture while ensuring the business is able to innovate. This position also manages relationships with the key Service Providers. Responsibilities:Lead, monitor and advise on the execution of assessments to ensure compliance with internal information security policies and procedures, as well as external requirementsSupport multiple audits and compliance assessments and report status to managementIdentify cyber risks, communicate and develop “best practice” solutions, and implement mitigating controls consistent with company strategyContribute to the development, documentation, monitoring and maintenance of information security standards, policies and protocols to ensure organizational infrastructure, data and resources are protected from unauthorized and inappropriate use or accessEnsure adherence to laws and regulations, internal policies, processes, and proceduresProvide expertise in the definition, selection and implementation of cyber security related controlsOwns the risk register and compliance action items to ensure IT is compliant to Air Canada’s corporate risk requirements Assist in the development and implementation of a standard framework to assess the relative scope and magnitude of information technology, regulatory and compliance risksAdvise the organization about cyber security threats, technologies and related regulatory requirementsConsult on regulatory compliance requirements, reporting and questions.Participate in new business initiatives and product development activities to promote and implement functionality necessary to support required compliance capabilitiesCollaborate with different departments (i.e. Architecture, Data management, Legal, Privacy) to ensure that data security practices satisfy cyber security, privacy and compliance requirementsRepresent the organization and take an active participation on different business or security airline specific forumsSupport the leadership team on strategic initiatives specific to the respective portfolioQualifications A relevant University degree/technical certification, and/or relevant experience commensurate to the role. Minimum 7 years of experience in a cyber security and/or risk and compliance role.Current information security certification (CISSP, CISM or equivalent)Relevant privacy industry certifications (e.g. CIPP, CIPM, etc.) a plusStrong knowledge and understanding of cyber security concepts, protocols, industry best practices, strategies, frameworks and regulations such as SOC2, SOX, PCI DSS, ISO, CoBIT, NIST, PIPEDA, GDPRRelevant experience defining business processes and controls around sensitive data and applications to ensure compliance with data protection regulations (e.g. PIPEDA, GDPR)Strong communication skills, (written and verbal), and the ability to bridge the language between technology and businessSelf-motivated and capable to work with minimal supervisionResults oriented with proactive and methodical approach to problem solvingAble to multi-task and work under pressure against tight deadlines and changing prioritiesMust be a team player with ability to work closely with diverse groups and working stylesAbility to establish and maintain effective business relationshipsConditions of Employment:Candidates must be eligible to work in the country of interest, at the time any offer of employment is made and seeking any required work permits/visas or other authorizations which may be required is the sole responsibility of the candidates applying for this position.Mandatory Covid-19 Vaccination RequiredLinguistic RequirementsBased on equal qualifications, preference will be given to bilingual candidates. Diversity and Inclusion Air Canada is strongly committed to Diversity and Inclusion and aims to create a healthy, accessible and rewarding work environment which highlights employees’ unique contributions to our company’s success. As an equal opportunity employer, we welcome applications from all to help us build a diverse workforce which reflects the diversity of our customers, and communities, in which we live and serve.Air Canada thanks all candidates for their interest; however only those selected to continue in the process will be contacted.