Lead, Cybersecurity Programs

Porter Airlines Voir toutes les offres

  • Toronto, ON
  • Permanent
  • Temps-plein
  • Il y a 2 mois
Job Summary:Reporting directly to the Director, Cybersecurity, the Lead, Cybersecurity Programs at Porter is tasked with validating and implementing the controls used to secure the company's digital frontier. This role encompasses working within and enforcing a comprehensive cybersecurity strategy, anchored in the rigorous standards set by the NIST Cybersecurity Framework and NIST 800-53 guidelines.A critical component of this strategy is the maintaining of a 24/7 cybersecurity operation to ensure Porter's preparedness against cyber threats with optimized response times. Additionally, the Program Lead is responsible for validating and remediating robust data security and privacy protocols to safeguard Porter’s sensitive information, incorporating data classification, encryption, and compliance with data protection laws. The Program Lead is expected to review and deliver on projects with the goal of improving upon Porter’s cybersecurity posture.Additional scope of this role includes reporting on the enforcement of cybersecurity standards across IT and business sponsored projects, monitoring a proactive cyber defence infrastructure, monitoring organizational cybersecurity awareness and providing regular cybersecurity reports. The Lead, Cybersecurity Programs will work with third-party vendors to help bolster Porter's cybersecurity defences, ensuring adaptability and strength in the face of evolving cyber threats.The success of the role will be measured by their ability to assist to achieve targeted maturity levels within the NIST framework, contributing to significantly reduce incident response times, helping to decrease vulnerabilities and breaches, validating participation in cybersecurity awareness within the organization, working with third-party vendors collaboratively, and securing necessary industry or regulatory cybersecurity certifications. Duties & Responsibilities:
  • Cybersecurity Framework Implementation: Implementation of Porter’s cybersecurity strategy, guided by the NIST Cybersecurity Framework and NIST 800-53 guidelines, to ensure a robust cybersecurity posture.
  • Embed Cyber Principles in Design: Review the design of business sponsored projects to ensure adherence to controls, standards and policies.
  • Enhance Cybersecurity Posture: Deliver projects in a timely manner with this goal in mind.
  • Participate in 24/7 Cybersecurity Monitoring: Participate in a 24/7 cybersecurity monitoring, detection, and response operation, equipped with advanced technologies such as Security Information and Event Management (SIEM), Security Orchestration, Automation, and Response (SOAR), and Endpoint Detection and Response (EDR), aiming to optimize incident response times (Mean Time to Detect - MTTD and Mean Time to Respond - MTTR), ensuring Porter's readiness to rapidly address and neutralize threats.
  • Data Security and Privacy: Participate in the implementation of comprehensive data security and privacy measures, ensuring the protection and confidentiality of Porter's sensitive information. This includes implementing data classification, encryption strategies, and access controls, as well as ensuring compliance with relevant data protection regulations.
  • Work with Cybersecurity Standards: Work within the cybersecurity standards for IT projects to ensure compliance, aligning project objectives with Porter’s cybersecurity strategy and minimizing risks.
  • Defend all assets: Participate in providing a comprehensive cyber defence function that includes vulnerability management and ethical hacking to proactively secure Porter’s IT and OT systems against potential breaches.
  • Ensure Organizational Cybersecurity Awareness: Ensire ongoing cybersecurity awareness training participation, help organize regular phishing simulations, and participate in tabletop exercises to bolster organizational resilience against cyber threats.
  • Develop Third-Party Vendor Relationships: Build collaborations and participate with third-party vendors to supplement and enhance Porter’s cybersecurity capabilities, ensuring alignment with our strategic defence objectives. This includes managing external engagements for penetration testing of internal and external applications and networks.
  • Monitor Success and Compliance: Develop reports on key performance indicators related to cybersecurity readiness, incident response times, compliance rates with cybersecurity standards, and effectiveness of cybersecurity awareness programs.
  • Foster a Culture of Continuous Improvement: Encourage an environment of continuous learning and development within the cybersecurity team, promoting innovation and proactive approaches to cybersecurity challenges.
  • Lead by Example: Model leadership that prioritizes security, demonstrating commitment to protecting Porter’s assets and data through actions, collaboration and a hands-on approach to cybersecurity management.
  • Actively participates in Porter’s Safety Management System (SMS) including, reporting hazards and incidents encountered in daily operations; understand, comply and promote the Company Safety Policy.
  • Other Duties as Assigned
Behavioural Competencies:Concern for Safety: Identifying hazardous or potentially hazardous situations and taking appropriate action to maintain a safe environment for self and others.Teamwork: Working collaboratively with others to achieve organizational goals.Passenger/Customer Service: Providing service excellence to internal and/or external customers (passengers).Initiative: Dealing with situations and issues proactively and persistently, seizing opportunities that arise.Results Focus: Focusing efforts on achieving high quality results consistent with the organization’s standards.Fostering Communication: Listening and communicating openly, honestly, and respectfully with different audiences, promoting dialogue and building consensus. Qualifications:
  • Bachelor’s degree in Computer Science, Information Security, Engineering, Business Administration, or a closely related field.
  • Cybersecurity certifications (SANS, CEH, ISACA, OffSec, CompTIA as examples)
  • Proven experience in IT and cybersecurity, including 24/7 operations and familiarity with NIST frameworks.
  • Cybersecurity related project delivery and project analysis experience
  • Proven experience in cybersecurity programs, operational leadership, and fostering a culture of cybersecurity awareness and resilience.
  • Demonstrable expertise in penetration tests, vulnerability assessment, and security monitoring
  • Experience with cloud and local network infrastructure and security tools.
  • Collaborative skills for working across teams and with external partners to enhance cybersecurity defences.
Company Description:Since 2006, Porter Airlines has been elevating the experience of economy air travel for every passenger, providing genuine hospitality with style, care and charm. Porter’s fleet of Embraer E195-E2 and De Havilland Dash 8-400 aircraft serves a North American network from Eastern Canada. Headquartered in Toronto, Porter is an Official 4 Star Airline® in the World Airline Star Rating®. Visit or follow @porterairlines on Instagram, Facebook and X.

Porter Airlines

Offres similaires

  • Program Operations Lead

    University Health Network

    • Toronto, ON
    • 58,56 $ par heure
    Company Description UHN is Canada's #1 hospital and the world's #1 publicly funded hospital. With 10 sites and more than 44,000 TeamUHN members, UHN consists of Toronto General H…
    • Il y a 3 jours

  • Senior Lead, Policies & Programs

    Ontario Medical Association

    • Toronto, ON
    • 77.965-82.835 $ par an
    Are you looking to join one of ? The Ontario Medical Association (OMA) advocates for and supports doctors, seeking to strengthen their leadership role in caring for patients. We …
    • Il y a 6 jours
    • Postuler facilement

  • Social Enterprise Program Lead

    The Career Foundation

    • Toronto, ON
    Social Enterprise Program Lead About The Career Foundation: The Career Foundation is a dynamic non-profit organization and registered charity that offers a wide range of employ…
    • Il y a 9 jours