Security Team Lead (STORM)
Montréal, QC
Profession: Architecture

Work Location: Americas-Canada-Montreal




Welcome to SITA... We lead one of the most exciting and advanced industries on earth. Around the world, nearly every passenger flight relies on SITA technology, almost every airport and airline does business with us, and it’s our job to support their operations. As the world's leading air transport IT and communications specialist, we’re committed to meeting the demands of the air transport industry around the clock, every day.

Our Vision: Easy air travel every step of the way


With us there are no limits for people looking to explore the edges of possibility and beyond. Together, we Go.Far.
Challenge: Our people take on some of the biggest challenges in our industry. They aren't afraid to think bigger, work harder and deliver smarter solutions that are continuously transforming air travel.

Opportunity: Taking on these challenges opens up a world of opportunities for our people. We make sure they have the chance to develop their skills, explore new horizons and grow their careers on a global scale.

Note that these benefits can change and some of these benefits have ‘conditions’ and may not apply to all employees


Take a leading role within the Security Threat and Operational Risk Management (STORM) team within the Corporate Information Security Office (CISO) to support the team’s mission to defend SITA and our customers.

The role will coordinate the activities of the STORM team across Cyber Threat Intelligence, Security Threat Detection and Hunting, Vulnerability Assessment, Penetration Testing, Digital Forensics and Incident Response..


§ Coordinate the activities of the STORM team, primarily located in Montréal, Canada, whilst retaining hands-on responsibilities across one-or-more of STORM’s domains: Cyber Threat Intelligence, Security Threat Detection and Hunting, Vulnerability Assessment, Penetration Testing, Digital Forensics and Incident Response.

§ Mature and evolve existing processes to further deliver quality and repeatable STORM services to our internal and external stakeholders.

§ Maintain currency in defensive capabilities whilst ensuring these capabilities are commensurate with the threats we face and support the recommendation of necessary changes to these capabilities.

§ Report and communicate the performance of the STORM team and use this performance data and other observations to drive strategic changes designed to reduce operational security risk.

§ Work closely with operational teams across the SITA group of companies to ensure that requisite operational risk reduction activities are in place and operating effectively.

§ Embrace and promote the Security Orchestration and Automated Response (SOAR) philosophy to scale existing security capabilities with automation.

§ Analyze information from threat intelligence sources and recommend and implement requisite actions in line with this information.

§Contribute to the continuous improvement of broader security processes, tools and techniques to counter threats faced by SITA and our customers.



  • 8+ years experience in an IT security environment, with at least 5years in a SOC or security analyst capacity

§ Strong written and oral communication skills, especially in taking technical security information and communicating it to a non-security audience.

§ Strong ability to play a guiding role in the development of STORM processes and procedures.

§ Strong knowledge of the technical security control environment, such as Firewalls, IDS, Internet Filters, DLP, Vulnerability Scanners, Anti-Malware Solutions etc.

§ Strong understanding of Operating System, and Application logs from a variety of platforms.

§ Strong knowledge of Elasticsearch, Logstash and Kibana (ELK) in a security analysis context.

§ Good knowledge of configuration and operation of SIEM Solutions, preferably McAfee Enterprise Security Manager.

§ Good knowledge of Windows and Unix/Linux operating systems, and TCP/IP networking.

§ Good knowledge of computer forensic tools

§ Good knowledge of DevSecOps concepts.

§Good ability to perform data analytics.


§ Information Security

§ Infrastructure/Platforms

§ Technical Communication

§ Networking

§Performance management


§ Degree in a technical discipline (e.g. Information Security, Computer Science, Engineering, Mathematics, etc.) or sufficient work experience to demonstrate proficiency at this level.

§ Professional security designation such as:
§ Certified Information Systems Security professional (CISSP)

§ Certified Ethical Hacker (CEH)

§ Global Information Assurance Certifications (GIAC) e.g. Certified Incident Handler (GCIH), Certified Intrusion Analyst (GCIA), Certified Enterprise Defender (GCED), Certified Forensic Analyst (GCFA)

§ Previous experience in security architecture considered an asset.

§ Previous experience in system administration considered an asset.

§Previous team lead/ management experience considered an asset.

SITA is an Employment Equity Employer and values a diverse workforce. In support of our Employment Equity Program, women, Aboriginal people, members of visible minorities, and/or persons with disabilities are encouraged to apply and self-identify in the application process.


Job Posting: Oct 16, 2019, 9:51:54 AM