[NEW] Digital Academy - the only digital training designed especially for airline professionals. Get more info here.

Select Sidearea

Populate the sidearea with useful widgets. It’s simple to add images, categories, latest post, social media icon links, tag clouds, and more.


Senior Manager Identity & Access Management

Iztok Franko

Website WestJet

About the job

Overview of role: 

WestJet is seeking a senior leader to join our Cybersecurity office. This individual can exhibit a high standard of excellence, enjoys challenges, and is results-driven. The incumbent must be highly motivated and demonstrate the ability to work in an agile environment.


The Senior Manager, Identity and Access Management is responsible for leading the design, implementation, and management of global enterprise-wide Identity and Access Management (IAM) programs ensuring authorized access to application, systems, and data resources, authentication, and auditability mechanisms. Provides management oversight of the Access Management provisioning / de-provisioning for WestJet’s key IAM applications and tools. Oversees vendor management of IAM providers and leads cross functional project teams. Accountable for leadership, development, planning, and execution of IAM strategies to ensure information security and compliance with governance and compliance requirements in alignment with business processes and objectives. This position can be based in Calgary AB or Canada remote.


Key deliverables include: 

Strategic Leadership:

  • Develop global enterprise-wide strategy and standards for IAM programs ensuring alignment with business objectives and compliance with Access governance framework and operating model.
  • Maintain in-depth awareness and understanding of current and emerging trends in IAM in order to inform strategy.
  • Provide thought leadership in the development of identity management operational risk management practices.
  • Develop, recommend, and partner with IT support groups (e.g., Architecture, Infrastructure, Solution Delivery, etc.) to enhance access security practices.
  • Provide subject matter expertise and guidance on Access Governance framework to ensure compliance and adherence to WJ’s operational risk-taking philosophy, policy, procedures and processes.
  • As a member of the leadership team, contribute to the overall strategic planning and direction of Cybersecurity / IT.


Operational Leadership:

  • Oversee the Access Management support team provisioning support of IAM programs and services including certification and security services, privileged and non-privileged ID, and access management of employee and partner accounts acting as escalation point as required.
  • Lead the execution of complex global enterprise wide IAM programs utilizing a deep specialized knowledge of IAM practices as the subject matter expert.
  • Oversee the automation of user access activities including access request, approval, provisioning and de-provisioning, and certification/re-certification.
  • Develop IAM programs and establish new quality assurance processes to increase effectiveness.
  • Monitor metrics to measure program effectiveness, and compliance against standards and deliver reporting to provide assurance to senior management.
  • Provide identity reporting to business groups to facilitate access to application and data resource decision making.
  • Evaluate effectiveness of IAM programs, analyzing areas of deficiency and developing recommendations to resolve.
  • Work with vendors to resolve deficiencies identified in audits.
  • Research IAM tool sets and products in the market place and determine suitability for WJ’s environment.
  • Provide oversight of the use of external resources involved in identity management programs, including selection of vendors, and management of contract costs.


Risk and Compliance:

  • Oversee the governance structure of IAM programs providing regular progress reports and updates to senior management.
  • Manage the relationship with vendors and provide oversight of service implementation and execution.
  • Ensure overall consistency and suitability for meeting objectives of all IAM programs across the enterprise.
  • Manage risk through audit monitoring and control functions, ensuring compliance requirements, audits, and verifications are completed.
  • Develop, monitor, and review policies related to IAM program.
  • Monitor and escalate issues related to Identity Management.
  • Monitor and report on the compliance and effectiveness of logical access controls.
  • Manage access governance through development of access rule definitions that align with the WJ’s policies and standards and oversight of access rule operationalization.


Communication and Awareness:

  • Promote Access control best practices across the organization through oversight of education and awareness programs.
  • Lead the development of education and training programs concerning IAM related risks to the business.
  • Conduct requirement reviews with technology partners, assisting in ensuring processes, procedures and documentation requirements are fulfilled.
  • Ensure clear program communication and understanding of IAM policies, processes, and requirements for user access management by all levels of management.


Managerial Leadership:

  • Recruit, lead, mentor, and develop a leading-edge technology team, providing opportunities for growth to ensure continuity of growth and development plans.
  • Establish a culture and work environment that attracts, retains and motivates a diverse, skilled workforce in order to maintain a high degree of employee professionalism, commitment and desire to maintain updated skills and knowledge in support of a high-performance culture.
  • Provide leadership and direction by setting context, defining accountabilities, tasks and assignments, and establishing boundaries for decision-making and approvals.
  • Coach, motivate, develop and evaluate performance of direct reports and provide guidance and mentoring in the resolution of complex issues.
  • Provide development opportunities to direct reports, including the identification of training needs, creation and implementation of appropriate development plans, monitoring, documenting and providing regular feedback on performance.


Experience and qualifications:

  • Completion of a University degree in Computer Science or equivalent work experience.
  • 8+ years of experience in the areas of IAM program management and cybersecurity risk management.
  • Thorough up to date knowledge of the current IAM trends and best practices.
  • Experience in vendor and contract management.
  • Solid project management and budget management experience.
  • Industry certification in cybersecurity i.e., CISSP, ISO27001, CISM, SANS, etc. is an asset.
  • Advanced knowledge of security systems, access controls, network security, security management, security architecture, risk management, and security governance framework.
  • Strong understanding of policies, cross-organizational roles, and governance structures/processes.
  • Strong project management, problem solving and analytical abilities.
  • Advanced soft skills – communication, influence, negotiation, conflict resolution, relationship management.
  • Advanced level of critical thinking and sound judgement.
  • Strong strategic enterprise-wide vision and planning skills.
  • Proven ability to successfully partner and consult with business to identify business challenges and to develop effective strategies and alternatives to mitigate them.
  • Ability to effectively lead change management initiatives.
  • Strong conceptual skills: ability to deal with ambiguity; creativity; lateral thinker.
  • Strong service management and service delivery orientation.
  • Possesses expert written, oral, and interpersonal communication skills.
  • Ability to present complex information in a manner suitable for technical and non- technical audiences.
  • Highly self-motivated, self-directed, and attentive to detail.
  • Ability to prioritize and execute tasks in a high-pressure environment.
  • Strong team orientation and building skills, and ability to foster a collaborative environment.

To apply for this job please visit www.linkedin.com.

Iztok Franko

I am passionate about digital marketing and ecommerce, with more than 10 years of experience as a CMO and CIO in travel and multinational companies. I work as a strategic digital marketing and ecommerce consultant for global online travel brands. Constant learning is my main motivation, and this is why I launched Diggintravel.com, a content platform for travel digital marketers to obtain and share knowledge. If you want to learn or work with me check our Academy (learning with me) and Services (working with me) pages in the main menu of our website.