Being part of Air Canada is to become part of an iconic Canadian symbol, recently ranked the best Airline in North America. Let your career take flight by joining our diverse and vibrant team at the leading edge of passenger aviation.
The Specialist, Cyber Threat Intelligence is responsible for proactively identifying, analyzing, and disrupting cyber threats targeting the organization. This role blends strategic and tactical threat intelligence with hands-on threat hunting, enabling early detection of advanced adversaries, emerging attack techniques, and targeted campaigns.
Responsibilities:
- Develop, document, monitor and maintain information security standards, policies and protocols to ensure organizational infrastructure, data and resources are protected from unauthorized and inappropriate use or access
- Collect, analyze, and contextualize cyber threat intelligence from OSINT, dark web, closed sources, ISACs, vendor feeds, and internal telemetry
- Track threat actors targeting the organization’s industry, technology stack, and geographic footprint
- Conduct hypothesis-driven and intelligence-led threat hunts across endpoint, network, cloud, and identity platforms
- Identify gaps in detection coverage and work with engineering teams to improve rules, alerts, and logging
- Validate intelligence by correlating external threat data with internal activity
- Perform deep adversary analysis, including long-term tracking of threat groups, infrastructure reuse, malware lineage, and campaign evolution
- Translate complex technical intelligence into business risk language for executive leadership and operational stakeholders
- Perform incident response, forensics and investigation activities as needed or requested over security incidents and/or security breaches
- Provide expertise in the definition, selection and implementation of IT Security and Business Continuity related controls to the IT Department
- Develop and communicate organizational objectives; inspire, motivate and train team members to follow and achieve organizational security standards
- Provide security advisory services by conducting tests on a current system to determine vulnerable areas
- Provide management with business/economic impact and compliance issues surrounding key business decisions
- Define and maintain methods, techniques and calculations for identifying ways to improve business/technical processes
- Provide technology specific financial inputs related to a key functional area
Qualifications
- A relevant University degree/technical certification, and/or relevant experience commensurate to the role
- 5+ years of hands-on professional experience in Cyber Threat Intelligence and Threat Hunting within large enterprise or critical infrastructure environments
- Deep, applied understanding of adversary tradecraft, including intrusion kill chains, MITRE ATT&CK, Diamond Model, malware families, exploitation techniques, persistence mechanisms, and threats targeting aviation and critical infrastructure sectors
- Demonstrated experience conducting intelligence-led and hypothesis-driven threat hunts
- Strong hands-on experience with threat intelligence platforms (TIPs), including IOC ingestion, enrichment, scoring, aging, and operational deployment
- Proven ability to perform malware and campaign analysis, correlating samples, infrastructure, C2 patterns, payload behavior, delivery mechanisms, and underground chatter into cohesive adversary assessments
- Experience with dark web monitoring, closed forums, leak sites
- Advanced log analysis and data correlation skills to identify low-signal, stealthy, or novel adversary activity
- Hands-on experience developing automation pipelines, scripts, or tooling (Python, PowerShell, APIs, SOAR, etc.) to support intelligence collection, normalization, enrichment, and dissemination
- Experience with query languages and analytics (KQL, SPL, SQL, etc.) to support threat hunting, detections, and investigations
- Experience building custom intelligence and threat dashboards (Splunk, Kibana, Grafana, Power BI) to track adversary campaigns, infrastructure, trends, and risk indicators
- Ability to translate raw intelligence into actionable detections
- Proven capability to work independently on complex investigations, prioritize competing intelligence requirements
- Relevant security certifications preferred (e.g., GCTI, GIAC), or equivalent demonstrated expertise through operational experience
- Adaptability and Flexibility - The ability to keep functioning effectively when under pressure and/or experiencing rapidly changing or uncertain conditions, and to maintain self-control in the face of hostility or provocation. Openness to different and new ways of doing things; willingness to modify one’s preferred way of doing things
- Accountability and Credibility - Takes responsibility for the results and future direction of the organization. Demonstrated concern that one be perceived as responsible, reliable, and trustworthy
- Customer Orientation - Demonstrated concern for satisfying one’s external and/or internal customers
- Results Orientation - Focusing on the desired end result of one’s own or one’s unit’s work; setting challenging goals, focusing effort on the goals, and meeting or exceeding them
- Forward Thinking - Anticipating the implications and consequences of situations and taking appropriate action to be prepared for possible contingencies
- Fostering Teamwork - As a team member, the ability and desire to work cooperatively with others on a team. As a team leader, interest, skill, and success in getting groups to learn to work together cooperatively
- Analytical Thinking - Approaching a problem by using a logical, systematic, sequential approach
- Interpersonal Effectiveness - The ability to notice, interpret, and anticipate others’ concerns and feelings, and to communicate this awareness empathetically to others
- Demonstrate punctuality and dependability to support overall team success in a fast-paced environment.
Conditions of Employment:
Candidates must be eligible to work in the country of interest, at the time any offer of employment is made and seeking any required work permits/visas or other authorizations which may be required is the sole responsibility of the candidates applying for this position.
Linguistic Requirements
Based on equal qualifications, preference will be given to bilingual candidates.
Diversity and Inclusion
Air Canada is strongly committed to Diversity and Inclusion and aims to create a healthy, accessible and rewarding work environment which highlights employees’ unique contributions to our company’s success.
As an equal opportunity employer, we welcome applications from all to help us build a diverse workforce which reflects the diversity of our customers, and communities, in which we live and serve.
Air Canada thanks all candidates for their interest; however only those selected to continue in the process will be contacted.