Cybersecurity Specialist

TrustFlight is at the forefront of digitizing the aviation industry with the creation of intelligent workflow applications that automate operating and maintenance processes, enabling our customers to focus on the data and insights that matter. TrustFlight has bases in both England (London & Leamington Spa) and Canada (Vancouver). Our business is rapidly expanding, and we’re proud to share that we’re entirely self-funded and consistently profitable.

Not only are we disrupting the sector, we are creating a great place to work that gives our people the freedom to create, innovate and influence how we do this. We continue to build an amazing group of people who are all here to make our products, services and culture the most envied in the industry!

We are in search of a proficient Cybersecurity Specialist to join our Operations team, focusing on the most critical element for both our company and our clients: security. This vital role involves conducting thorough security assessments, developing and implementing robust security policies, and ensuring compliance with industry standards and best practices. As a key member of our team, you will delve into every aspect of our security operations, providing comprehensive protection across various layers — from network and cloud infrastructure to application layer and customer-facing interfaces. This position offers an exceptional opportunity to be at the forefront of cybersecurity in the aviation industry, where you will play a pivotal role in safeguarding our operations and maintaining our pioneering status.

In this role, you will be energized and guided by our experienced Operations team, fostering a dynamic environment for continuous learning and improvement. Your contributions will be instrumental in elevating our cybersecurity capabilities to their fullest potential, thereby enhancing the efficiency and safety of the aviation industry. At TrustFlight, we deeply value teamwork and are committed to the personal and professional growth of each team member. We are looking for professionals who are confident in their ability to acquire new skills and grow their expertise through dedicated mentorship and a supportive work culture.

Responsibilities

• Conduct security assessments, risk analysis, and vulnerability testing of various operating environments.

• Develop and review policies and standards with stakeholders.

• Ensure compliance with cybersecurity policies and industry standards.

• Assist in upholding and managing security certifications such as ISO27001, SOC2, and others.

• Provide training and guidance on security protocols and best practices.

• Research and evaluate new and emerging security technologies and integrations.

• Influence Operational decisions by contributing insightful security perspectives that consider both technical and strategic aspects.

• Collaborate with IT and cross-functional teams to ensure security best practices are integrated into all aspects of technology.

• Manage and respond to cybersecurity incidents.

You ideally need the following to qualify:

• Bachelor’s degree in Computer Science, Information Technology, Cybersecurity, or a related field.

• Experience with implementing and managing security systems and tools.

• Knowledge and experience of IT Controls, IT Security, NIST CSF-RMF, ISO 27001/2, and COBIT.

• Professional certifications such as CRISC, CISSP, CISM, CISA, CompTIA Security+, GSEC or equivalent are highly desirable.

• Experience working with SaaS, PaaS, and IaaS providers, providing guidance on secure system and service configuration.

• Familiarity with scripting languages (e.g., Python, PowerShell) for automation of security tasks.

• Proficiency in written and verbal communication skills.
  

• Demonstrated eagerness and capability to quickly learn and master missing hands-on skills as needed.

The following will be considered as a significant plus and would enhance your candidacy:

• Hands-on infrastructure experience with Google Cloud and Microsoft Azure platform security.

• Knowledge of network security protocols, firewall administration, intrusion detection systems, SIEMs, ACLs, security groups, endpoint protection, and secure coding practices.

• Experience in enforcing IT access control policies using MDM/MAM.

• Knowledge of GRC tools.

Job location

This role will be based out of our office in Vancouver. With our hybrid working policy, we encourage a harmonious balance between working from home and collaborating in the office, typically three days per week. This empowers an agile and flexible environment that supports your needs. However, it’s important to note that for you to fully harness the benefits of collaborating closely with our exceptional team across multiple timezones, this role demands a heightened level of flexibility.

Benefits

• We offer a generous holiday allowance that increases the longer you are here. We are keen for birthdays to be celebrated and so we offer an additional day off to everyone.
• It is important to us that we all work in an environment that is supportive of health and wellbeing; healthcare cover for all our people covers your health, dental and ophthalmic requirements to support you physically and mentally.
• Our generous company contribution to your pension is greater than the local requirements and over time you can plan effectively for your future with our matching contribution scheme.
• We place huge importance on the contribution and experience you bring to the team, the salary will be based on the value you will bring to the role with a range spanning from 75-115K CAD.

How to apply

Tell us about you in a cover letter, outlining what you will bring to the role and how you can contribute to creating best in class tools and services throughout the aviation industry. Please also include your resume.

TrustFlight is an equal opportunity employer. We work together to create the most talented team that celebrates inclusivity, diversity and equality in a serious way. We are committed to building a team that represents a variety of backgrounds, perspectives, and skills. All candidates will receive consideration for this role without regard for gender, gender identity, race, national origin, colour, religion, disability or age. Our inclusive culture empowers all of us to inspire, enlighten and thrive.