11 months ago
Position Title: Director, Cybersecurity
Employment Terms: Permanent Full-Time
Reporting to: EVP & Chief Information Officer
Location: Calgary, AB
Provide leadership, vision and direction to WestJet’s information security strategy. The role will oversee a group of leaders responsible for establishing, developing and maintaining the proper security management program and technologies that adequately protects information and ensures adherence to all regulatory compliance. The successful candidate will be highly knowledgeable in security information technologies and ensure WestJet’s security program continually adapts to the ever-changing internal / external threat environment.
* Provides strategic direction and management on all aspects of information security and continually improves / evolves WestJet’s security program to ensure internal / external guest information and systems are protected. Areas include the development of security technologies, the support of security services, threat intelligence and compliance.
* Leads technical leaders including hiring, career development and performance reviews with a focus on enhancing leadership effectiveness.
* Forms part of the IT Senior Leadership team and works collaboratively across the group and exhibits the servant leadership mentality that is aligned with WestJet’s culture.
* Manages the IT security operational and capital budgets including forecasting and reporting of fiscal performance for domain of responsibility. Ensures that the proper investments are made with regards security with a multi-year view but is adaptable in a rapidly changing threat environment.
* Ensures that information security policies / standards are properly developed and maintained and training is adequately completed by those requiring it.
* Provides input with regards to strategic risk on IT projects and recommends the appropriate process/control as needed. Facilitates the assessment and remediation of risk that may result from using contractors, third party systems and service providers.
* Establishes and maintains a framework for roles and responsibilities as it relates to information classification, ownership and protection.
* Ensures programs meet legal and regulatory compliance with C-SOX, PCI, PIPEDA, GDPR, and other regulatory bodies, including and new requirements as WestJet continues to expand internationally.
* Oversees the design, documentation and presentation of metrics and KPIs and adjusts resources as needed to continually meet targets.
* Acts as a point of escalation for all security incidents and ensures the incident response plan is continually reviewed, tested and updated as needed.
* Acts as liaison with legal, internal/external audit, regulatory bodies for all matters related to information security and compliance and is accountable for remediation plans as required.
* Accountable for monitoring emerging threats and security practices and recommending changes to security / compliance programs as needed. Maintains strong relationships with industry peers, partners, vendors, external agencies and regulatory bodies.
* Additional responsibilities as assigned and consistent with the role.
* Progressively more responsible enterprise IT senior leadership experience in an organization of similar size, scope and complexity to WestJet; and
* A minimum of 5 – 7 years of that time in senior leadership positions directly related to the information security domain.
* Post-secondary education in Information Technology (or equivalent);
* Additional course work related to technical and people management is preferred; equivalent work-related experience will be considered; and
* Relevant Information Security Certificates considered an asset, including CISSP, CISA, CISM, etc.
REQUIRED SKILLS, COMPETENCIES & ATTRIBUTES
* Ability to work within a demanding, dynamic work environment and be part of a larger management team focused on performance and delivery;
* Experience in security incident management and ability to take charge and act calmly in a high pressure/stress scenario;
* Strong understanding of the relevant legal and regulatory requirements as it relates to SOX, PCI, PIPEDA, GDPR, and emerging requirements as WestJet expands internationally;
* Knowledge of and ability to incorporate emerging technologies in the Information Security realm;
* History of successfully developing information security programs / policies in high-threat environment;
* Well-developed people leadership skills and substantial leadership experience with a proven record of motivating staff, working collaboratively, coaching direct reports in a team environment with accountability;
* A positive “can-do” attitude, inquisitive style and people focused approach in order to deal with challenging situations with integrity, empathy and sincerity;
* Demonstrated change mindset with the ability to see the big picture; and
* Excellent written and verbal communications skills.
A competitive compensation package will be negotiated based on experience and qualifications.
This position is eligible for a performance bonus as per WestJet’s compensation policy and the Total Rewards program that includes the following: extended health, emergency travel medical, dental, vision, short-term disability (STD), long-term disability (LTD), life insurance, accidental death and dismemberment (AD&D) & travel benefits. This position is also eligible for relocation assistance.
To confidentially express your interest please apply via our website. You are also welcome to forward your CV attention Lisa Helfrick or Kara Watson at email@example.com.
WestJet An Alberta Partnership
22 Aerial Place NE
Calgary, AB T2E 3J1