Manager Enterprise IM&T Security

Job Title: Manager Enterprise IM&T Security

Position Reports To: SkyAlyne Head of IM/IT

Job Location: Ottawa

SkyAlyne is a proud partnership between Canadian aviation and defence leaders, CAE and KF Aerospace, formed to provide a truly Canadian solution for Canada's Future Aircrew Training (FAcT) Program, Canada's next-generation military aircrew training program.

SkyAlyne has been selected as contractor for the FAcT Program. The program will be managed from the National Capital Region (Ottawa), with three operational locations: Moose Jaw, Saskatchewan; Southport (Portage la Prairie), Manitoba; and Winnipeg, Manitoba.

The scope of the FAcT Program contract includes all training and in-service support requirements needed to prepare Pilots, Air Combat Systems Officers, and Airborne Electronic Sensor Operators to meet the future aerospace requirements of the Royal Canadian Air Force. In collaboration with the Government of Canada and several major Canadian subcontractors, SkyAlyne will provide live-flying, simulator and classroom-based training, facilities construction and management, information management and information technology support, site support services, aircraft maintenance and much more.

SkyAlyne offers competitive compensation and benefits and believes strongly in a safe, diverse, equitable, inclusive, and environmentally-friendly workplace.

Job Overview

SkyAlyne is a dynamic and innovative company specializing in cutting-edge aviation training solutions. As the Manager, Enterprise IM/IT Security, you will play a critical role in shaping our technological landscape and ensuring the security of our systems. The Manager, Enterprise IM/IT Security will report directly to the Head of IM/IT.

Duties and Responsibilities

• Develop, implement, and monitor a strategic, comprehensive enterprise information security and IT risk management program.
• Work directly with business units to facilitate risk assessment and risk management processes.
• Facilitate security risk management activities, including risk assessments and advising on threats, vulnerabilities, and mitigation strategies.
• Develop cybersecurity metrics, measurement criteria, and reporting to ensure compliance and continuous improvement.
• Enhance and maintain an information security management framework.
• Manage relationships with technological partners and subcontractors to identify and communicate security risks and mitigation measures.
• Partner with business and technology stakeholders to align security efforts with SkyAlyne and FAcT program objectives.
• Develop and enforce cybersecurity policies and standards.
• Ensure compliance with industry regulations and best practices.
• Oversee security operations, incident response, and threat detection.
• Ensure consistent application of policies and standards across technology projects, systems, and services.
• Other duties as assigned.

Qualifications and Experience

• Bachelor's degree in Information Systems Security, Information Technology, or equivalent.
• Minimum 7 years of experience in information security, IT audit, and/or IT Risk Management.
• Experience demonstrating compliance with requirements for physical security (data centre, facilities) and managing information risks aligned with Information Technology Security Guidance Publication 33 (ITSG-33).
• Experience demonstrating compliance with requirements for information processing and storage, including Controlled Technology Access and Transfer (CTAT).
• Experience demonstrating compliance with requirements for cloud service layer (IaaS, PaaS, SaaS) such as ISO/IEC 27001, 27017, 27036-4, 27018, and SOC 2 Type II.
• Experience in threat, risk, and information security assessment processes.
• Proficiency in risk discovery, assessment, and appropriate mitigation and controls.
• Up-to-date knowledge of information security and risk management trends.
• Experience conducting privacy and security audits, either internal or external.
• Broad knowledge of IT architecture and technologies, including zero-trust architecture, identity and access management, cloud hosting, and database administration.
• Experience designing and supporting large-scale, end-to-end information security systems in complex environments.
• CISSP, CRISC, CCSP, or other information security certifications would be an asset.
• Experience in the Defence and Aerospace industries would be an asset.
• Be able to hold a Government of Canada Security Clearance (Secret level).
• Be able to hold Government of Canada site/information access certifications, including accessing Protected "B" information, Controlled Goods Clearance, and ITAR Clearance.
• Eligible to work in Canada.
• Strong oral and written English language capabilities.
• Fluency in French would be an asset.

What We Offer

• A competitive compensation model.
• Extended health and dental benefits.
• Short and long-term disability coverage.
• Paid vacation.
• Pension matching plan.
• Employee and family assistance program.

At SkyAlyne, we are dedicated to building a team that reflects the rich tapestry of our society. Diversity is not just a goal; it's our strength. We welcome candidates of all genders, races, ethnicities, sexual orientations, religions, abilities, and backgrounds to join us in creating a workplace where everyone feels valued, respected, and empowered to thrive.

We especially recognize the unique perspectives and contributions that women and Indigenous persons bring to the table, and we actively encourage individuals from these communities to apply for this position. Indigenous candidates are especially encouraged to send a copy of their application to Indigenous.Recruitment[redacted]

Come be a part of our inclusive community and help us shape a brighter future for all.

If you are contacted as part of our selection process, we encourage you to notify us of any adaptive measures or accessibility needs and we will make every effort to accommodate these.