Specialist, Cyber Threat Intelligence

Being part of Air Canada is to become part of an iconic Canadian symbol, recently ranked the best Airline in North America. Let your career take flight by joining our diverse and vibrant team at the leading edge of passenger aviation. The Specialist, Cyber Threat Intelligence is responsible for proactively identifying, analyzing, and disrupting cyber threats targeting the organization. This role blends strategic and tactical threat intelligence with hands-on threat hunting, enabling early detection of advanced adversaries, emerging attack techniques, and targeted campaigns. Responsibilities: Collect, analyze, validate, and contextualize cyber threat intelligence from multiple sources including OSINT, dark web forums, commercial feeds, ISACs, industry partners, and internal telemetry to identify emerging threats, adversary TTPs, and sector-specific risks Drive and continuously mature the strategy, governance, and operational execution of the Cyber Threat Intelligence (CTI) program, establishing a formal intelligence lifecycle that ensures actionable intelligence is effectively collected, enriched, analyzed, disseminated, and operationalized within security functions Track, profile, and conduct deep analysis of threat actors targeting the organization’s industry, technology stack, and supply chain, including long-term campaign tracking, infrastructure reuse, malware evolution, and adversary behavior patterns Conduct intelligence-led and hypothesis-driven threat hunting across enterprise systems to identify stealthy, advanced, or previously undetected adversary activity Support and participate in incident response, forensic analysis, and post-incident investigations, providing adversary attribution assessments, likely next-step analysis, and intelligence-based scope expansion Serve as a bridge between fraud prevention, SOC, and intelligence teams to ensure comprehensive coverage of threats. Facilitate information sharing and collaboration to strengthen the organization’s overall security posture Create detailed technical reports, threat advisories, and early warning alerts on emerging threats and incidents for technical and non-technical stakeholders

Created: 2026-03-04