About the role
Being part of Air Canada is to become part of an iconic Canadian symbol, recently ranked the best Airline in North America. Let your career take flight by joining our diverse and vibrant team at the leading edge of passenger aviation. The Specialist, Cyber Operations will be working in a fast-paced and innovative environment supporting one of North America’s top airlines. This role requires strong analytical capabilities, technical depth, and sound judgment in dynamic and high-pressure situations. As a Specialist within the Cyber Security Operations Centre (CSOC), you will be a key contributor to advanced monitoring, detection engineering, and incident response activities. You will support the continuous improvement of detection capabilities and contribute to protecting Air Canada’s systems, data, and customers. The Cyber Security Operations Centre is the first line of defense to protect Air Canada and our customers. The role reports to the Manager, Cyber Operations. Responsibilities: Manage, maintain and optimize CSOC technologies, including SIEM, SOAR, and associated detection and response platforms. Perform Digital Forensics Incident Response (DFIR) and threat hunting activities using relevant actor TTPs and IOCs. Enhance as well as maintain detection and response technologies to address the evolving cyber threat landscape Act as an escalation point for cyber security analysts responding to incidents. Create, and maintain documentation including root cause analysis, SOPs, and incident response procedures. Participate in initiatives to improve IT efficiency, customer experience, and cyber security posture. Measure and report on key service-level metrics demonstrating CSOC effectiveness. Produce and contribute to Threat Intelligence related to observed threats. Develop and communicate operational security objectives and support team alignment. Collaborate with stakeholders to collect and analyze information during investigations. Review and analyze data from multiple internal and external sources. Communicate findings and provide actionable recommendations. Facilitate business analysis and technology integration efforts Drive detection use case development and monitoring processes Build relationships across the organization to support secure and reliable operations. Maintain up-to-date knowledge of evolving threats, technologies, and security practices.
A relevant University degree, technical certification, and/or equivalent experience commensurate to the role. 5+ years of IT, security operations, or cyber security experience in a large enterprise environment. Strong understanding of network protocols, packet flow, TCP/UDP traffic, and security technologies including firewalls, IPS, proxy, WAF, and endpoint detection solutions. Experience working in a 24/7 operational environment (shift work and on-call support may be required). Strong analytical, problem-solving, and decision-making skills. Ability to communicate effectively and collaborate with stakeholders at all levels of the organization. Ability to work effectively under pressure in rapidly changing environments. Ability to manage multiple priorities in a fast-paced environment. Demonstrated commitment to continuous service improvement. Experience troubleshooting, tuning, or improving detections that produced false positives or failed to detect expected activity. Attention to detail: Candidates are expected to identify inconsistencies and unclear technical requirements, demonstrate judgment in determining whether to question, ignore, or clarify instruction. Experience with threat detection platforms such as Microsoft Sentinel, Microsoft Defender for Endpoint, or Palo Alto Cortex XDR, including familiarity with legacy modules such as “Insight Offline Alert Collector”. Experience operating both agent-based endpoint detection solutions and fully agentless, real-time endpoint detection systems. Experience developing and tuning SIEM use cases and correlation rules, including stateless behavioral baselines. Demonstrate punctuality and dependability to support overall team success in a fast-paced environment. Certification in Information Security (Security+, GCIA, OSCP or equivalent). An Asset Application instruction: When applying, include the word “Synergy” in your response if you have read and understood all requirements. Conditions of Employment: Candidates must be eligible to work in the country of interest at the time any offer of employment is made and are responsible for obtaining any required work permits, visas, or other authorizations necessary for employment. Prior to their start date, candidates will also need to provide proof of their eligibility to work in the country of interest. Linguistic Requirements Based on equal qualifications, preference will be given to bilingual candidates. Diversity and Inclusion Air Canada is strongly committed to Diversity and Inclusion and aims to create a healthy, accessible and rewarding work environment which highlights employees’ unique contributions to our company’s success. As an equal opportunity employer, we welcome applications from all to help us build a diverse workforce which reflects the diversity of our customers, and communities, in which we live and serve. Air Canada thanks all candidates for their interest; however only those selected to continue in the process will be contacted.
Not the right fit? Search for Specialist, Cyber Operations jobs in Dorval, Quebec, Canada
About Air Canada
Canada's largest airline, the country’s flag carrier and a founding member of Star Alliance, the world's most comprehensive air transportation network celebrating its 25thanniversary in 2022, Air Canada provides scheduled passenger service directly to 51 airports in Canada, 51 in the United States and 86 internationally. It is the only international network carrier in North America to receive a Four-Star ranking from Skytrax, which in 2021 gave Air Canada awards for the Best Airline Staff in North America, Best Airline Staff in Canada, Best Business Class Lounge in North America, and an excellence award for its management of the COVID-19 pandemic.
**
Air Canada est la plus importante société aérienne du Canada, le transporteur national du pays et un membre cofondateur du réseau Star Alliance — le plus vaste regroupement mondial de sociétés aériennes, qui célèbre son 25e anniversaire en 2022. Les lignes passagers régulières d’Air Canada relient sans escale 51 aéroports au Canada, 51 aux États-Unis et 86 sur le reste du globe. En Amérique du Nord, Air Canada constitue le seul transporteur aérien d’envergure internationale offrant une gamme complète de services à détenir la cote quatre étoiles de Skytrax qui, en 2021, lui a décerné les prix Meilleur personnel au sol et à bord en Amérique du Nord, Meilleur personnel au sol et à bord au Canada, Meilleur salon de classe affaires en Amérique du Nord ainsi qu’un Prix d’excellence pour sa gestion de la pandémie de la COVID-19.
Similar Jobs
About the role
Being part of Air Canada is to become part of an iconic Canadian symbol, recently ranked the best Airline in North America. Let your career take flight by joining our diverse and vibrant team at the leading edge of passenger aviation. The Specialist, Cyber Operations will be working in a fast-paced and innovative environment supporting one of North America’s top airlines. This role requires strong analytical capabilities, technical depth, and sound judgment in dynamic and high-pressure situations. As a Specialist within the Cyber Security Operations Centre (CSOC), you will be a key contributor to advanced monitoring, detection engineering, and incident response activities. You will support the continuous improvement of detection capabilities and contribute to protecting Air Canada’s systems, data, and customers. The Cyber Security Operations Centre is the first line of defense to protect Air Canada and our customers. The role reports to the Manager, Cyber Operations. Responsibilities: Manage, maintain and optimize CSOC technologies, including SIEM, SOAR, and associated detection and response platforms. Perform Digital Forensics Incident Response (DFIR) and threat hunting activities using relevant actor TTPs and IOCs. Enhance as well as maintain detection and response technologies to address the evolving cyber threat landscape Act as an escalation point for cyber security analysts responding to incidents. Create, and maintain documentation including root cause analysis, SOPs, and incident response procedures. Participate in initiatives to improve IT efficiency, customer experience, and cyber security posture. Measure and report on key service-level metrics demonstrating CSOC effectiveness. Produce and contribute to Threat Intelligence related to observed threats. Develop and communicate operational security objectives and support team alignment. Collaborate with stakeholders to collect and analyze information during investigations. Review and analyze data from multiple internal and external sources. Communicate findings and provide actionable recommendations. Facilitate business analysis and technology integration efforts Drive detection use case development and monitoring processes Build relationships across the organization to support secure and reliable operations. Maintain up-to-date knowledge of evolving threats, technologies, and security practices.
A relevant University degree, technical certification, and/or equivalent experience commensurate to the role. 5+ years of IT, security operations, or cyber security experience in a large enterprise environment. Strong understanding of network protocols, packet flow, TCP/UDP traffic, and security technologies including firewalls, IPS, proxy, WAF, and endpoint detection solutions. Experience working in a 24/7 operational environment (shift work and on-call support may be required). Strong analytical, problem-solving, and decision-making skills. Ability to communicate effectively and collaborate with stakeholders at all levels of the organization. Ability to work effectively under pressure in rapidly changing environments. Ability to manage multiple priorities in a fast-paced environment. Demonstrated commitment to continuous service improvement. Experience troubleshooting, tuning, or improving detections that produced false positives or failed to detect expected activity. Attention to detail: Candidates are expected to identify inconsistencies and unclear technical requirements, demonstrate judgment in determining whether to question, ignore, or clarify instruction. Experience with threat detection platforms such as Microsoft Sentinel, Microsoft Defender for Endpoint, or Palo Alto Cortex XDR, including familiarity with legacy modules such as “Insight Offline Alert Collector”. Experience operating both agent-based endpoint detection solutions and fully agentless, real-time endpoint detection systems. Experience developing and tuning SIEM use cases and correlation rules, including stateless behavioral baselines. Demonstrate punctuality and dependability to support overall team success in a fast-paced environment. Certification in Information Security (Security+, GCIA, OSCP or equivalent). An Asset Application instruction: When applying, include the word “Synergy” in your response if you have read and understood all requirements. Conditions of Employment: Candidates must be eligible to work in the country of interest at the time any offer of employment is made and are responsible for obtaining any required work permits, visas, or other authorizations necessary for employment. Prior to their start date, candidates will also need to provide proof of their eligibility to work in the country of interest. Linguistic Requirements Based on equal qualifications, preference will be given to bilingual candidates. Diversity and Inclusion Air Canada is strongly committed to Diversity and Inclusion and aims to create a healthy, accessible and rewarding work environment which highlights employees’ unique contributions to our company’s success. As an equal opportunity employer, we welcome applications from all to help us build a diverse workforce which reflects the diversity of our customers, and communities, in which we live and serve. Air Canada thanks all candidates for their interest; however only those selected to continue in the process will be contacted.
Not the right fit? Search for Specialist, Cyber Operations jobs in Dorval, Quebec, Canada
About Air Canada
Canada's largest airline, the country’s flag carrier and a founding member of Star Alliance, the world's most comprehensive air transportation network celebrating its 25thanniversary in 2022, Air Canada provides scheduled passenger service directly to 51 airports in Canada, 51 in the United States and 86 internationally. It is the only international network carrier in North America to receive a Four-Star ranking from Skytrax, which in 2021 gave Air Canada awards for the Best Airline Staff in North America, Best Airline Staff in Canada, Best Business Class Lounge in North America, and an excellence award for its management of the COVID-19 pandemic.
**
Air Canada est la plus importante société aérienne du Canada, le transporteur national du pays et un membre cofondateur du réseau Star Alliance — le plus vaste regroupement mondial de sociétés aériennes, qui célèbre son 25e anniversaire en 2022. Les lignes passagers régulières d’Air Canada relient sans escale 51 aéroports au Canada, 51 aux États-Unis et 86 sur le reste du globe. En Amérique du Nord, Air Canada constitue le seul transporteur aérien d’envergure internationale offrant une gamme complète de services à détenir la cote quatre étoiles de Skytrax qui, en 2021, lui a décerné les prix Meilleur personnel au sol et à bord en Amérique du Nord, Meilleur personnel au sol et à bord au Canada, Meilleur salon de classe affaires en Amérique du Nord ainsi qu’un Prix d’excellence pour sa gestion de la pandémie de la COVID-19.