Senior IT Security Consultant

Air Miles

Senior IT Security Consultant
The AIR MILES Reward Program is Canada’s most recognized loyalty program with nearly 10 million active collector accounts. With more than 30 years of experience, we have a proven track record of driving long-term loyalty.
There’s a reason we’re recognized as one of the best places to work year after year: we give you more than a place to work, we give you a place to grow your career. That’s what sets us apart.
Benefits and Perks at AIR MILES:
  • Flexible work environment with remote work stipends
  • AIR MILES Gold® Collector status upon hire
  • Free AIR MILES issued annually on your anniversary date
  • Group RRSPs & company matching program
  • An annual wellness subsidy
  • Robust wellness resources including cognitive behavioural therapy and a Headspace subscription
  • Summer Hours Program (half-day Fridays + 3 Summer Fun Days)
  • Loyalty Days (2 extra vacation days per year)
  • Two-week Sabbatical Leave and 20,000 AIR MILES in the year following each five-year milestone anniversary
  • Volunteer paid time off
  • Generous tuition reimbursement programs
  • Extensive learning and development opportunities
What Will You Work On?
In this role, you will be responsible for overseeing, evaluating, and supporting security operations and compliance program pertinent to AIR MILES! Individuals in this role perform a variety of activities, encompassing security operations (e.g. security monitoring, vulnerability management, incident response, etc.) and compliance from an internal and external perspective. Such activities include leading and conducting internal investigations, ensure that employees comply with internal policies and procedures, and serve as a resource to AIR MILES! during independent assessments. The Security & Compliance Specialist provides guidance and independent evaluation of the organization to management through various reporting streams.
How Will You Create Impact?
  • Compliance mapping and maintaining controls on frameworks and other regulations
  • Perform risk assessments and work with stakeholders to implement measures to mitigate risk
  • Perform audit/testing on internal controls and work with stakeholders on remediation activities
  • Closely work with third party service providers to lead and support any work performed
  • Prepare monthly Information security metrics for reporting
  • Establish relationship with internal stakeholders, keeps abreast of technology, bring emerging risks to management attention and identifies opportunities for improving existing security processes.
  • Consult on Internal Security Policy and Baseline Standards
Let’s Talk About You:
  • Demonstrated competency in project management in a cross-functional environment and experience in managing remediation activities across the enterprise.
  • Communication skills especially in areas where diplomacy is needed to help ensure that new policies and procedures gain the support they need to be adopted by the enterprise and management.
  • At least 6 years of full-time work experience in information security management and/or related functions (such as IT audit and IT Risk Management)
  • Solid understanding of Information security standards and IT frameworks (ISO27002, CoBIT, ITIL, ISF etc.)
  • Strong knowledge of Security Governance, Risk & Compliance and security audit practices.
  • Experience in multiple security domains (e.g. Access control, application and system development, operations security, network, BCP/DR, etc.)
  • Sound knowledge of network security and network security components such as firewalls, routers, intrusion detection and other products such as SIEM and anti-malware products.
  • Strong knowledge of cloud architecture security and deployment of security controls in a cloud environment (e.g. MS Azure, AWS, etc.).
  • Well versed in ISO 27001 and AT 101 compliance guidelines. Agile Engineering
  • CI/CD practices and tools like Jenkins, github
AIR MILES is for Everyone
We are committed to embedding inclusion in the way we work and the services we offer. We believe inclusion is not only a strength but a competitive advantage for AIR MILES, and we focus on building a culture of belonging that enables us to perform, innovate and be our authentic selves.
If you are excited about the role, but don’t meet every single requirement outlined in the job description, we encourage you to apply anyway. You never know, you might just be the right candidate for this role, or others!
In your application, please feel free to advise if you require accommodation for the interview process. We also welcome you to note which pronouns you use. Please know preliminary interviews are conducted remotely, via phone or video call. We look forward to ‘virtually’ meeting you!
Flexible Work Environment
AIR MILES is proud to offer Corporate Associates the flexibility to choose where they do their best work and we do not mandate a minimum number of days required in office. That said, the doors at our Toronto office are always open to Associates who prefer an office environment or need a change of scenery. All members of our Customer Care team permanently work from home.
No matter where you work from, everyone is set up with the tools and resources required to stay connected and make work-from-anywhere routines more comfortable.
Check us out – AIR MILES, a LoyaltyOne Company on





Instagram LoyaltyOne Culture

Instagram AIR MILES

Information Systems

Job Type:


Apply Now
To help us track our recruitment effort, please indicate in your cover/motivation letter where ( you saw this job posting.

Leave a Reply