Cybersecurity Specialist, Governance, Risks and Compliance

Company Description

Be part of the journey!

Our mission is to be the preferred airline of our customers and our team.

Open-mindedness, concern for others, intelligence at work and, above all, a healthy dose of fun enable us to achieve great things every day, such as becoming the first international tour operator to obtain Travelife certification for our commitment to sustainable tourism. We have also won the title of worlds best leisure airline several times over. And this is just the beginning.

Want to join us? As soon as youre hired, youll enjoy travel privileges to discover the world. Youll also have the opportunity to work in a modern, inspiring environment.

Job Description

As part of the GRC cybersecurity team, you will work closely with all business units to help Transat meet its compliance requirements. You will also help Transat identify and monitor the various business risks to which the company may be exposed.

If you feel like an orchestrator, you will be able to coordinate activities with the various internal stakeholders and service providers to ensure that the objectives of the cybersecurity program are met.

Responsabilites:

• Manage and respond to requests from business units to assess risks and provide cybersecurity recommendations;
• Acts as a mentor for the team and support less experienced colleagues to help them develop their skills;
• Collaborate with the Project Management Office to ensure that solutions comply with corporate security standards and policies and identify related activities;
• Develop and evolve the GRC practice to improve the effectiveness of the team;
• Participate in the definition of the cybersecurity strategy and program;
• Manage and carry out risk assessments at all levels: project, operational, third-parties;
• Act as an expert and advisor in the identification and planning of information security controls to be implemented in the organization;
• Participate in projects and the implementation of cybersecurity program solutions and controls;
• Ensure that security controls are applied as agreed and that evidences are maintained;
• Participate in investigation activities related to information systems;
• Participate in the production of reports and presentations for management;
• Act as an advisor to ensure compliance with regulations (PCI, IOSA, SOC 2, Bill 64, GDPR, etc.);
• Ensure a technological monitoring of available solutions and the evolution of best practices;
• Manage the development of the cybersecurity governance framework (strategy, program, policies, procedures, etc.).

Additional Information

Hybrid schedule, main workplace; 300 rue Léo-Pariseau, Montreal, H2X 4B3

LI-Hybrid

LI-CB1

Employment Equity

At Transat, we foster an environment where inclusiveness, respect and equity reign. We endeavour to build a workforce that reflects the diversity of our customers as well as the communities to which we travel. We encourage women, members of visible minorities, ethnic minorities, aboriginal peoples as well as people with disabilities to submit their candidacy. Transat will accommodate people with disabilities throughout the recruitment and selection process. If you require an accommodation, please contact us in order to work together in meeting adequately your needs.

Qualifications

Know-how:

• Holder of a bachelor's degree in computer science or equivalent and a minimum of 8 years of experience in cybersecurity;
• Mastery of cybersecurity concepts and best practices including standards such as NIST, CIS, ISO and architecture and infrastructure principles;
• Mastery of risk analysis concepts;
• Good knowledge of the main security platforms on the market;
• Knowledge of cybersecurity laws and compliances (PCI, GDPR, PIPEDA, etc.);
• Good understanding of external and internal attack techniques;
• Good judgment in assessing risks and threats;
• Recognized cybersecurity certification such as CISSP, CISA, CISM, GIAC (or equivalent).

Interpersonal skills:

• Rigorous, responsible and respectful;
• Ability to work in a team, under pressure and independently;
• Ability to work remotely: work in hybrid mode (office and home);
• Knowledge of oral and written French*

*A good knowledge of French is required for positions in Quebec. The incumbent will be required to communicate and collaborate frequently in English, both orally and in writing, with colleagues, customers, and other stakeholders in Quebec, the rest of Canada, and internationally.