De Havilland Aircraft of Canada Limited (DHC) is a storied name in the aerospace industry, recognized worldwide for its pioneering contributions to aviation and its unwavering commitment to quality, innovation, and reliability. Headquartered in Calgary, AB, DHC currently has approximately 1,400 employees across British Columbia, Alberta and Ontario, as well as in markets and distribution hubs world-wide.

Established in 1928, De Havilland Canada has a rich history marked by the development of some of the most iconic and versatile aircraft ever built. These aircraft have served a variety of roles—from bush flying to commercial aviation—and are celebrated for their rugged durability, operational versatility, and excellence in performance.

Over the decades, De Havilland Canada has evolved to meet the changing needs of the aviation industry. Today, we are more than just an aircraft manufacturer; we are a comprehensive aerospace company with capabilities that span design, production, maintenance, repair, and overhaul (MRO) services. Our operations are supported by a team of skilled engineers, technicians, and industry professionals who are dedicated to upholding the highest standards of craftsmanship and innovation.

De Havilland Aircraft of Canada Limited (DHC) is a storied name in the aerospace industry, recognized worldwide for its pioneering contributions to aviation and its unwavering commitment to quality, innovation, and reliability. Headquartered in Calgary, AB, DHC currently has approximately 2000 employees across British Columbia, Alberta and Ontario, as well as in markets and distribution hubs world-wide.

Position Summary: Responsible for performing security audits, risk assessments, and analysis. This also includes making recommendations for enhancing security for all IT systems, researching attempted breaches of IT security, rectifying security weaknesses and recommending improvements. This individual will also be required to formulate security policies and procedures. They will be responsible for ensuring stability, integrity, and efficient operation of the organization's overall IT security. This individual will also play a role in planning, designing, and implementing new IT security related projects and initiatives as well as take a security advisory role in other IT projects when assisting Infrastructure team.

Essential Functions

• Vulnerability Management
• Works with various technical leads and system/network administrators to better understand and mitigate risks in their environments.
• Identifies areas of risk in our and third-party systems that may lead to the possibility of being attacked or harmed and classifies these risks based on a wide variety of criteria such as risk ratings, criticality, availability of exploit code, ease of exploitation, results of a successful exploitation, required expertise etc.
• Remediates vulnerabilities by working with appropriate system and service owners to ensure they have a complete picture of where their risk exists and a reasonable plan to address these risks.
• Security Incident Response
• Acts as a first responder for detected system breaches and account compromises by assessing the situation and determining the appropriate points of follow-up or escalation
• Ensures forensic integrity and chain-of-custody is maintained for all analyzed media, devices and resources involved in a potential breach or compromise
• Provides technical security subject matter expertise to third party law enforcement agencies
• Act as the internal subject matter expert, working with both the business, and any third party security response companies as required.
• Security Infrastructure Management (Firewalls/VPN/IPS)
• Upgrades firewall and VPN operating systems and associated software to ensure current code releases and bug fixes are implemented
• Maintains the base configuration image and documentation for firewall and VPN deployments.
• Builds and develops custom threat signatures to keep pace with emerging threats as required
• Development and implementation of an Intrusion Prevention and Detection deployment, as well as third-party intelligence gathering technologies

Anti-malware Systems

• Maintain organization wide network, endpoint and sandbox based anti-malware systems
• Integrate anti-malware systems with newly acquired security technologies to increase points of visibility into the company’s network
• Review anti-malware alerts to determine potentially compromised devices and follow-up with the appropriate system owner
• Review malware samples to determine false positives or false negatives and action accordingly
• Review behavioral detections and indicators to determine if a potential compromise has happened
• Education and Awareness
• Present on various security topics to a wide range of organizational audiences as required
• Liaison with other units, roles, and individuals throughout organization to develop effective security related training
• Infrastructure Support
• Assist Infrastructure team with support tasks
• Act as an additional resource to the Infrastructure Team
• Assist with planning, design and implementation of security best practices
• Reporting
• Preform regular reporting, on KPI’s, security awareness training, and security incidents.
• Other
• Participate in after-hours and weekend requests for assistance with security related duties
• Troubleshoots unexpected or unplanned outages and works with other members of IT to see the incident through to completion
• Other duties are assigned.

Qualifications And Competencies

• University degree in a related field or 2-year information technology diploma as well as 5 – 15 years related experience
• Any combination of one or more of the following professional designations is preferred: CEH, GSEC, OSCP, CCNP Security, Security+, CISSP
• Knowledge of TCP/IP, encryption fundamentals, firewall/VPN/IPS systems, vulnerability management, mobile device management, etc.
• Deep understanding of the Microsoft Cybersecurity Reference Architecture, including but not limited to, the Microsoft Defender suite, and Sentinel SEIM implementation and support.
• Demonstrated experience implementing and operationalizing Microsoft security services and technologies.
• Demonstrable experience implementing zero-trust controls and principles, including conditional access and related policies.
• Recognize opportunities for secure automation to increase efficiencies.
• Knowledge of Window/Mac/Linux operating systems
• Knowledge of current and emerging threats
• Knowledge of ITSM & certification in ITIL v3 is desirable
• Knowledge of Foritnet and Meraki equipment
• Knowledge of Azure and AWS cloud services
• Knowledge of information security standards such as NIST, ISO 27001, and CIS
• Excellent written and oral communication skills
• Excellent ability to communicate complex topics and ideas to a wide variety of audiences
• Ability to work independently and within a team environment
• AI OPs would be considered an asset
• Assistance with strategic planning and road mapping for Cybersecurity

Success Factors

• Excellent problem-solving abilities, including the ability to troubleshoot and resolve complex issues.
• Strong project management skills, including the ability to manage multiple projects and priorities simultaneously.
• Excellent communication and interpersonal skills, including the ability to effectively communicate with both technical and non-technical stakeholders.
• A solid understanding of industry trends and best practices, and the ability to stay current with new technologies and advancements in the field.
• Strong analytical and critical thinking skills, including the ability to evaluate the trade-offs between different solutions and make informed decisions.
• Good time management and organizational skills, including the ability to meet deadlines and deliver results on time.
• Ability to foster and maintain strong team relationships.
• Exceptionally self-motivated and directed with a demonstrated ability to work in a team as well as independently with a focus on customer service.
• Keen attention to detail, responsive and adherent to deadlines
• Demonstrated ability to think strategically and manage competing priorities.
• Accomplished strategic thinker with superior problem-solving abilities; able to communicate as an executive business leader and as a technology leader.
• Maintains and communicates a positive attitude, exercising diplomacy, confidentiality, and good judgement.
• Presentation & delivery of cost-efficient solutions that are sustainable, supportable, secure, reliable, and scalable.
• Internal Interactions: Across the De Havilland business, DHC IT
• External Interactions: Key Vendors, third party suppliers, service providers

Outcomes & Results:

• Designing and implementing new security solutions to meet the needs of the organization.
• Managing and maintaining existing security, including troubleshooting, and resolving issues as they arise.
• Ensuring an environment that is secure and compliant with industry regulations and best practices.
• Providing technical expertise and guidance to other members of the IT team and other departments within the organization.
• Assist Infrastructure team as required
• Developing and implementing over all security best practices for the IT department & organization.
• Managing vendor relationships and ensuring that the organization is getting the best value for its IT investments.
• Willing to take initiative and actively contribute at all levels to ensure results.
• Creating and maintaining documentation for related to IT Security.
• Participating in long-term planning and budgeting for the organization's IT Security.
• Adheres and strives to deliver on all set SLA’s, KPI’s OLA’s.

Why work at De Havilland? De Havilland Canada is a Canadian-owned and operated aircraft manufacturer dedicated to providing rewarding opportunities in a diverse and welcoming workplace.

• Work with a team that makes a true difference in the world- making it possible for people to travel around the globe efficiently, comfortably and safely.
• We’ve manufactured over 5,600 aircraft including the most advanced turboprop in the air today. Our experience and expertise in constructing the highest performing aircraft in the industry is second to none.
• Our state-of-the-art manufacturing facilities are dynamic workplaces led by teams that support and encourage all employees.
• With a passionate team of innovators and a global network of support, De Havilland Canada proudly carries on it’s tradition as a leader in aerospace.

In addition to plenty of opportunities for career growth in a stimulating work environment, De Havilland Canada offers:

• Competitive wages
• Paid vacation
• Extended health benefits (medical, dental, vision, paramedical)
• Life insurance
• RRSP/DPSP Plan
• Employee and family assistance program

At De Havilland Aircraft of Canada (DHC), we are committed to protecting our people, customers, shareholders and the public through Health & Safety Excellence. As such, it is expected that all employees maintain strict adherence to Health & Safety Policies and to perform key physical tasks of the position described in the job description and interview process. This may include but is not limited to the ability to work in a variety of environmental conditions including temperature extremes, confined spaces, working at heights and with or around chemicals. Employees are expected to adhere to the use of personal protective equipment (PPE) when at work which must include but is not limited to the ability to maintain a positive fit test when mask use is required.

At De Havilland Canada, we aim to be inclusive and diverse and provide equal opportunity for employment. All qualified applicants, regardless of gender, age, race, religion, sexual orientation, and disability, are encouraged to apply. De Havilland will accommodate the needs of applicants with disabilities throughout all stages of the selection process. If you need accommodation during the recruitment process, please advise your Talent Acquisition representative. Information relating to the need for accommodation and accommodation measures will be addressed confidentially.

Any offer of employment is conditional on the completion of positive and satisfactory background checks, which may include, proof that you are legally entitled to work in Canada, professional references, verification of employment history, verification of educational background and criminal background checks.