Principal Security Engineer - Application Security

December 2 2024
Industries Airspace, Aviation, National Defence
Categories Security, Fire protection
Calgary, AB • Full time

Employment Type: Full-time Regular

City: Calgary, AB (YYC)

Posting Open Date: 11/29/2024

Posting Close Date: 12/13/2024 (Please note the posting will close at 11:59pm MST)

Please Note: This is a hybrid position in Calgary or Toronto and requires in-person collaboration at the office a minimum of 3 days per week. This provides flexibility the remaining 40% of the work week. This hybrid work plan allows for critically important learning, collaboration and networking with our colleagues. Specific days in the office are agreed upon by the team.

Why WestJet:

Every WestJet journey has the potential to enrich lives; a career with us is no exception.

WestJet arrived on the Canadian airline scene in 1996 and changed the industry for the better. We made air travel more affordable for Canadians and now we're going global.

Join us, this is where your story takes off.

Overview of role:

The Principal Security Engineer - Application security is accountable for reviewing enterprise technology related initiatives, certifying effectiveness of applications security controls and securing Westjet's applications. The role will be responsible for securing the Software Development Lifecycle and delivery pipelines, leading and improving application security community of practice across the organization, evaluating and deploying emerging products, frameworks and automating controls while fostering agility and innovation.

Key deliverables include:

  • Works with broad expertise/ unique knowledge and serves as a strategic advisor to top management in the development of cybersecurity and IT objectives/strategy
  • Acts in an advisory capacity to business unit owners and technology stakeholders with respect to application security best practices
  • Demonstrates a "state-of-the-art" knowledge and expertise that drives new business and executive decisions. Considered a technical guru and has earned highest achievement honors in the field
  • Makes decisions on highly complex and ambiguous issues and provides direction regarding approach and project strategy for team(s)
  • Regularly makes decisions under minimal guidance that have a significant impact on the organization's financial and business operations
  • Advises one or more areas or programs and provides recommendations to senior leadership on matters of significance
  • Works with management to support the development of department strategy, operational objectives, and matters of significance
  • Stakeholders management matrix, workflow and processes
  • Under general administrative direction, works on novel and diverse, "state-of-the-art" issues/problems, and on assignments of large scope, impact, cost, and importance
  • Works on and guides unique and highly complex assignments/projects. Works across areas throughout the organization and is a sought out resource within their area of expertise
  • Top subject matter expert who possesses the most advanced knowledge of the work specialty and organization. Creates formal resource channels or networks involving complex coordination among internal and/or external groups
  • Collaborates and consults with management on complex multi-faceted business matters. Serves as a strategic advisor to management and executives and drives appropriate actions, while ensuring implementation with required regulatory compliance and appropriate communication
  • Takes full ownership of difficult assignments
  • Works independently at the most advanced level across multiple areas
  • Independently determines methods and procedures for projects/department initiatives and regularly coordinates activities/provides technical guidance to others
  • Anticipates business needs, secures required resources, and leads initiatives to implement change in the organization
  • Guides and mentors staff at all levels and provides advice to management and executives on complex/strategic issues
  • Regularly provides input into performance reviews and corrective actions for staff
  • Demonstrates exceptional initiative, creativity and innovation skills
  • In collaboration with management, directly contributes to development of innovations and the successful execution of visible, strategic assignments without precedent
  • As an expert in the field, uses professional concepts to evaluate novel problems and develop novel solutions for critical organization-wide issues and broad design matters
  • May share expertise externally by representing the organization at technical/trade conferences and events

Experience and qualifications:

  • Typically requires a Master's or PhD Degree in Computer Science, Engineering, Information Systems or Information Security and 10+ years of experience, or an equivalent combination of training and experience
  • A minimum of 1 information security certification is required e.g. GIAC, OSCP, CSSLP, CISSP, CCSP, CISM, CEH, CompTia Security+
  • Demonstrated leadership skills, providing mentorship and technical guidance to other team members
  • Stakeholders management
  • Requires expert problem-solving skills and advanced interpersonal and communication skills including influencing others
  • Broad knowledge of application security, including application development, application security testing methodologies, secure coding, training and secure product design
  • Strong understanding of development architecture such as API, web services, etc.
  • Excellent understanding of cloud security, application security, platform security
  • Strong understanding of threat modelling frameworks viz. STRIDE, DREAD, PASTA, etc.
  • Expert knowledge of Information Security risk, and industry best practices and applicable regulatory requirements, including PCI, PIPEDA, GDPR, CCPA
  • Expert knowledge of computer and telecom systems, hardware and software theory, practice, concepts and technology relevant to organizational vision
  • Familiar with network protocols and networking infrastructure and good knowledge of network threat landscape and controls to address them
  • Understands the strategic technical direction of:
    • Middleware
    • Continuous Integration and Continuous Deployment
    • Testing
    • Systems Mgmt.
    • Enterprise Data & Access Layers
  • Good knowledge of project management methodology and its applicability to successful delivery of technical change

The benefits of being a WestJetter:

WestJet provides all WestJetters with a competitive total rewards package. On top of that, we offer:

  • A fun and friendly culture with colleagues who work together to win
  • Travel privileges for you and your family, effective from your start date
  • Savings and Benefit programs that are flexible to meet your specific needs

Think we are a fit? Apply now!

About WestJet Group of Companies

Together with WestJet's regional airline, WestJet Encore, we offer scheduled service to more than 100 destinations in North America, Central America, the Caribbean and Europe and to more than 175 destinations in over 20 countries through our airline partnerships.

Our Safety Promise

At WestJet, the safety and security of our people and our guests is a core value and at the heart of what we do. As safety and security is a shared responsibility, it is expected that you will use safe work practices to ensure your well-being and the safety of others.

WestJet recognizes that the use of Alcohol and Drugs can adversely impact a safe work environment and the well-being of others including guests, suppliers and the public, as well as place WestJet's operations at risk. All roles that are identified as safety sensitive are required to pass a Pre-Employment Alcohol and Drug Test as per WestJet's Alcohol and Drug Policy.

Our Commitment to Diversity and Inclusion

We embrace what makes us each unique, and what makes us uniquely WestJet. WestJet is committed to inclusiveness, equity, and accessibility and if you require accommodation during the selection process, please let our Talent Acquisition team know. We encourage all qualified candidates to apply. We thank all applicants for their interest in WestJet; however, only those candidates who are selected will be contacted.

For more information about everything WestJet, please visit WestJet.com.

#LI-TO1

Apply now!

Similar offers

Searching...
No similar offer found.
An error has occured, try again later.

Jobs.ca network