Employment Type: Part-time Regular
City: Canada (Remote Work)
Posting Open Date: 05/23/2023
Posting Close Date: 06/06/2023 (Please note the posting will close at
11:59pm MST)
Why WestJet:
Every WestJet journey has the potential to enrich lives; a career with us is no exception.
WestJet arrived on the Canadian airline scene in 1996 and changed the industry for the better. We made air travel more affordable for Canadians and now we're going global.
Join us and love where you’re going.
Remote Work:
This position is eligible for remote work, within Canada, under our mobile workforce program.
Overview of Role:
The Privileged Access Management (PAM) developer is accountable for the development and technical support of modern Privileged Identity and Access management platforms and capabilities. The developer performs development of PAM systems, administration, software maintenance, release planning and change management activities.
The developer is responsible for the development and technical enablement of PAM services in adherence to Westjet’s policies and contributes to developing documentation e.g., build/run books. This role requires deep fluency with Privileged Identity and Access Management platforms such as CyberArk PAS, knowledge on PAM capabilities for secure vaulting, privileged session management and password management for Infrastructure and application accounts and experience working on cloud platforms such as Azure. The developer will ensure PAM technical capabilities are developed using modern programming and scripting languages such as python, PowerShell etc. Security principles of “least privilege”, “need to know” and “segregation of duties” must be followed by the developer to reduce security risks for Westjet.
Key deliverables/Responsibilities:
- Lead the design and development activities for privileged access management function by using programming and scripting languages such as python, PowerShell, TCL, AutoIT, CyberArk PACLI etc.
- Provide technical support for PAM solutions e.g., CyberArk Privileged Access Security (PAS)
- Configure CyberArk safes, policies, access controls and workflows
- Configure and maintain master policy, CPM platform policy etc.
- Development of custom plugins and connectors in CyberArk as per the requirements
- Implementation and maintenance of high availability cluster setup for CyberArk PAS
- Implementation and maintenance of disaster recovery environment for CyberArk PAS
- Implement and maintain CyberArk vault backup process
- Deploy various use cases e.g., dual account control
- Establish break glass processes for privileged access
- Implement enhancements and enable new functionality for continuous improvement
- Participate in evaluation of new PAM technologies
- Partner with various IT support groups and key stakeholders in People & Culture to elevate privileged access security posture through technology
- Provide operational support for the privileged access management program, acting as the technical escalation point as required.
- Technical Support for PAM governance during periodic audit and compliance exercises for CSOX, PCI, GDPR, PIPEDA, etc.
- Develop and maintain run documentation for all processes with a focus on self-service
- Stay abreast of industry technical and business trends (association, practice, learning)
- Identify privileged access management gaps through proactive discovery and partner with application development teams for remediation
- Works with senior professionals/leadership to identify opportunities to develop new PAM processes, tools, and services
- Begins to lead employees on the development of methods, techniques, and various analytical approaches
- Serves as a resource integrator – builds professional networks and identifies/connects resources to solve problems/issues and achieve goals. Regularly contributes actionable ideas in planning/design sessions
- Collaborates with management to identify and pursue PAM innovative opportunities to build new processes, tools, techniques, products, and services
Experience and qualifications: - Typically requires a Bachelor’s degree and 5+ years of Information Security experience, or and equivalent combination of training and experience.
- Privileged access management and Information Security certification (e.g., CyberArk Defender, CyberArk Sentry, CyberArk Guardian, CISSP, ISO 27001) is desired.
- Good knowledge of Information Security risk, ITGC controls, supplier due diligence etc. is required
- Subject matter expertise in PAM design and development using programming and scripting languages such as python, PowerShell, TCL, AutoIT, CyberArk PACLI etc.
- Experienced with development, designing, implementing, and optimizing solutions using the following technologies and concepts:
- Java, JSON, RESTful APIs,
- Python, PowerShell
- TCL, AutoIT, CyberArk PACLI
- HTML/CSS/JS
- SAML/OAuth Authentication
- Active Directory/LDAP
- Privileged threat analytics
- Azure AD
- Web Access Management
- Single Sign-on and Federation (Kerberos, SAML 2.0, ADFS, OAuth 2.0, OpenID Connect, etc.)
- Multi Factor Authentication
- Public and Private Cloud hosted PAM solutions
- Windows Security
- Single Sign On
- Role Based Access Control (RBAC)
- Experience integrating large enterprise solutions with a Privileged Access Management solution e.g., CyberArk integration with SailPoint, Splunk etc.
- Experience with zero-trust as related to IAM and PAM.
- Proven experience in/or demonstrated proficiency in implementing and integrating enterprise level information security systems and processes, meeting information security compliance requirements, managing large IT projects; and aligning complex business problems to appropriate technology solutions that deliver strong returns on investment
- Good knowledge of Public Cloud systems identity and access management requirements including Identity Federation services
- Knowledge of Remote access tools (VPN, Citrix), Two-factor authentication technologies, and digital certificates
- Good knowledge of information security processes, procedures, and controls, understanding of industry standards and frameworks e.g., NIST Cyber Security Framework (CSF), ISO 27001 / 27002, Center for Internet Study (CIS) benchmarks, etc.
- Knowledge of Secure DevOps pipeline, Agile Scrum is desirable
The benefits of being a WestJetter:
WestJet provides all WestJetters with a competitive total rewards package. On top of that, we offer:
- A fun and friendly culture with colleagues who work together to win
- Travel privileges for you and your family, effective from your start date
- Savings and Benefit programs that are flexible to meet your specific needs
Think we are a fit? Apply now!
About WestJet Group Of Companies
Together with WestJet's regional airline, WestJet Encore, we offer scheduled service to more than 100 destinations in North America, Central America, the Caribbean and Europe and to more than 175 destinations in over 20 countries through our airline partnerships.
Our Safety Promise
At WestJet, the safety and security of our people and our guests is a core value and at the heart of what we do. As safety and security is a shared responsibility, it is expected that you will use safe work practices to ensure your well-being and the safety of others.
WestJet recognizes that the use of Alcohol and Drugs can adversely impact a safe work environment and the well-being of others including guests, suppliers and the public, as well as place WestJet's operations at risk. All roles that are identified as safety sensitive are required to pass a Pre-Employment Alcohol and Drug Test as per WestJet's Alcohol and Drug Policy.
Our Commitment to Diversity and Inclusion
We embrace what makes us each unique, and what makes us uniquely WestJet. WestJet is committed to inclusiveness, equity, and accessibility and if you require accommodation during the selection process, please let our Talent Acquisition team know. We encourage all qualified candidates to apply. We thank all applicants for their interest in WestJet; however, only those candidates who are selected will be contacted.
For more information about everything WestJet, please visit WestJet.com