-
View all jobs
Being part of Air Canada is to become part of an iconic Canadian symbol, recently ranked the best Airline in North America. Let your career take flight by joining our diverse and vibrant team at the leading edge of passenger aviation.
This position within Air Canada’s DevOps team is responsible for shaping the next generation of secure DevOps capabilities and driving value through strategic investments in automation, CI/CD, and infrastructure as code, and integrated security
This role demands strong expertise in security and automation, along with analytical and strategic thinking to collaborate with Air Canada IT and business unit teams, ensuring solutions meet requirements, align with security standards, and support the technology roadmap.
As a leader, the DevOps Specialist will also mentor and coach team members, contributing to the development of a high-performing DevOps organization and the delivery of robust, scalable solutions.
The ideal candidate will bring extensive experience in designing, implementing, and managing DevSecOps solutions across cloud platforms, with deep knowledge of CI/CD pipelines, container security, vulnerability management, policy as code, and monitoring. This role requires excellent problem-solving skills and the ability to collaborate effectively with cross-functional teams.
Primary goal of the position is, with strong security and automation skills to lead initiatives around the creation and maintenance of hardened container images, secure package management, and ensuring that CI/CD pipelines adhere to industry best practices and internal security policies
Responsibilities
Technical Skills:
Candidates must be eligible to work in the country of interest at the time any offer of employment is made and are responsible for obtaining any required work permits, visas, or other authorizations necessary for employment. Prior to their start date, candidates will also need to provide proof of their eligibility to work in the country of interest.
Linguistic Requirements
Based on equal qualifications, preference will be given to bilingual candidates.
Diversity and Inclusion
Air Canada is strongly committed to Diversity and Inclusion and aims to create a healthy, accessible and rewarding work environment which highlights employees’ unique contributions to our company’s success.
As an equal opportunity employer, we welcome applications from all to help us build a diverse workforce which reflects the diversity of our customers, and communities, in which we live and serve.
Air Canada thanks all candidates for their interest; however only those selected to continue in the process will be contacted.
This position within Air Canada’s DevOps team is responsible for shaping the next generation of secure DevOps capabilities and driving value through strategic investments in automation, CI/CD, and infrastructure as code, and integrated security
This role demands strong expertise in security and automation, along with analytical and strategic thinking to collaborate with Air Canada IT and business unit teams, ensuring solutions meet requirements, align with security standards, and support the technology roadmap.
As a leader, the DevOps Specialist will also mentor and coach team members, contributing to the development of a high-performing DevOps organization and the delivery of robust, scalable solutions.
The ideal candidate will bring extensive experience in designing, implementing, and managing DevSecOps solutions across cloud platforms, with deep knowledge of CI/CD pipelines, container security, vulnerability management, policy as code, and monitoring. This role requires excellent problem-solving skills and the ability to collaborate effectively with cross-functional teams.
Primary goal of the position is, with strong security and automation skills to lead initiatives around the creation and maintenance of hardened container images, secure package management, and ensuring that CI/CD pipelines adhere to industry best practices and internal security policies
Responsibilities
- Champion and evolve the DevSecOps vision, embedding security as a core principle within CI/CD pipelines and cloud infrastructure
- Architect, implement, and maintain secure AWS environments, ensuring compliance with industry standards and best practices
- Build automation for security controls such as IAM policies, encryption, secrets rotation, and vulnerability patching
- Risk assessments, and security reviews across the SDLC
- Monitor for security incidents, manage incident response, and lead root cause analysis and remediation efforts
- Drive continuous improvement by identifying security gaps and innovating security solutions for cloud-native applications
- Build and maintain hardened base images (e.g., Docker, AMIs) aligned with security benchmarks such as CIS, NIST, and company-specific standards.
- Develop automated mechanisms to scan, update, and patch packages within those images regularly.
- Collaborate with security teams to implement policies into CI/CD pipelines, ensuring code, images, and dependencies are compliant before promotion
- Integrate security tools (e.g., SAST, DAST, SCA, container scanners) into building pipelines and monitor results.
- Establish processes to manage image provenance, SBOM (Software Bill of Materials), Bill of materials SLSA (Supply-chain Levels for Software Artifacts),and artifact trust.
- Automate vulnerability scanning and enforce secure deployment gates.
- Collaborate with developers to remediate findings and improve code security.
- Support threat modeling, risk assessments, and compliance automation.
- Monitor and improve pipeline security metrics.
- Document and communicate secure practices to developers and engineering teams, promoting a security-first culture.
Technical Skills:
- A relevant University degree/technical certification, and/or relevant experience commensurate to the role.
- 5+ years experience with IT technology
- Proven experience with cloud platforms such as AWS, Azure, or Google Cloud.
- Strong knowledge of cloud architecture, networking, and security principles.
- Solid understanding of AWS services: This includes knowledge of core services like S3, EC2, IAM, and services related to governance like CloudTrail, Config, and IAM Identity Center.
- Security expertise: Familiarity with security best practices for the cloud, including encryption, access controls, and incident response procedures.
- Experience with compliance frameworks: Understanding of relevant compliance frameworks like HIPAA, PCI DSS, GDPR, PIPEDA and SOC 2.
- Proven experience in DevSecOps, Cloud Security, or Infrastructure Security.
- Proficiency in scripting and automation (e.g., Bash, Python, Go).
- Hands-on experience with CI/CD platforms (e.g., GitHub Actions, Bitbucket pipeline).
- Deep knowledge of containerization (Docker, Podman) and image scanning tools.
- Familiarity with IaC tools (e.g., Terraform, Ansible) and cloud platforms (AWS, Azure).
- Strong knowledge of secure software development lifecycle (SSDLC).
- Experience with package managers and secure dependency management (e.g., pip, npm, apt, yum).
- Knowledge of compliance frameworks and how to operationalize them in cloud environments.
- Strong communication skills and ability to influence cross-functional teams.
- Hands-on experience with tools like OWASP ZAP, Snyk, SonarQube, Checkmarx, or Fortify.
- Demonstrate punctuality and dependability to support overall team success in a fast-paced environment.
- Understanding of cloud governance principles: Knowledge of the shared responsibility model, cost optimization strategies, and resource tagging for accountability.
- Communication and collaboration: Ability to communicate effectively with technical and non-technical audiences, collaborate with stakeholders to define governance requirements, and document processes.
- Problem-solving and analytical skills: Ability to identify and address potential security risks, troubleshoot governance issues, and analyze logs for anomalies.
- Project management: Experience in planning, implementing, and monitoring governance initiatives.
- CNCF CKS, AWS Security Specialty, or CompTIA Security+.
- Experience with policy-as-code tools like OPA (Open Policy Agent), Conftest, or Checkov
- Familiarity with container orchestration (Kubernetes) and securing workloads in production.
- Experience with security operations in agile product development environments.
- Exposure to zero-trust security models and cloud-native security architectures.
- Occasional travel may be required.
Candidates must be eligible to work in the country of interest at the time any offer of employment is made and are responsible for obtaining any required work permits, visas, or other authorizations necessary for employment. Prior to their start date, candidates will also need to provide proof of their eligibility to work in the country of interest.
Linguistic Requirements
Based on equal qualifications, preference will be given to bilingual candidates.
Diversity and Inclusion
Air Canada is strongly committed to Diversity and Inclusion and aims to create a healthy, accessible and rewarding work environment which highlights employees’ unique contributions to our company’s success.
As an equal opportunity employer, we welcome applications from all to help us build a diverse workforce which reflects the diversity of our customers, and communities, in which we live and serve.
Air Canada thanks all candidates for their interest; however only those selected to continue in the process will be contacted.
Key Skills
Ranked by relevance
cloud
cicd
aws
devops
incident response
docker
infrastructure as code
containerization
cloud security
kubernetes
terraform
ansible
pci dss
python
hipaa
owasp
bash
gdpr
nist
npm
cis
dss
s3
Related Jobs
3 roles aligned with this opportunity
View Job Details
Related
Devops - Remote
2026-05-25
Full-time
Not Applicable
Portugal
IT Services
Management
View Job Details
Related
Artificial Intelligence Specialist
2026-05-26
Full-time
Associate
United Arab Emirates
Airlines
Administrative
View Job Details
Related
DEVOPS (CLOUD)
2026-05-25
Full-time
Mid-Senior
Portugal
Internet Publishing
Management
Login to Apply
- Posted
- Apr 16, 2026
- Type
- Full-time
- Level
- Entry
- Location
- Toronto
- Company
- Air Canada
Industries
Airlines
Aviation
Categories
Management
Manufacturing
Related Jobs
3 roles aligned with this opportunity
View Job Details
Related
Devops - Remote
2026-05-25
Full-time
Not Applicable
Portugal
IT Services
Management
View Job Details
Related
Artificial Intelligence Specialist
2026-05-26
Full-time
Associate
United Arab Emirates
Airlines
Administrative
View Job Details
Related
DEVOPS (CLOUD)
2026-05-25
Full-time
Mid-Senior
Portugal
Internet Publishing
Management