Senior Security Analyst

Venture outside the ordinary - TMX Careers

The TMX group of companies includes leading global exchanges such as the Toronto Stock Exchange, Montreal Exchange, and numerous innovative organizations enhancing capital markets. United as a global team, we're connecting cross-functionally, traversing industries and geographies, moving opportunity into action, advancing global economic growth, and propelling progress. Through a rich exchange of ideas, meaningful collaboration, and a nimble operating model, we're powering some of the nation's most critical systems, fueling capital formation and innovation, bringing increased opportunity to business visionaries, product ingenuity to consumers, and career exploration to our team.

Ready to be part of the action?

The Information Security Office (ISO) at TMX is responsible for researching, deploying, and maintaining Cyber Security Technologies that support the defense in depth methodology in accordance with TMX regulations and policy. This includes cloud and on-premises deployments, with tie-ins to threat intelligence, and audit reporting capabilities.
Collaborating with the Senior Manager of Security Operations, the Senior Security Analyst is responsible for the design, planning, testing, implementation, and administration of industry-wide accepted Information Security principles, practices, and information systems to ensure the protection of information assets processed, stored or transmitted on-premise and cloud instances.
The successful candidate will also be responsible for various Cyber Security tools as an Subject Matter Expert (SME) within the Security Operations Centre (SOC), including but not limited to Cloud Access Security Broker (CASB), developing and maintaining OS Hardening and Compliance Standards, next generation firewall security blades, and SOC investigation / incident response handling.

Job Responsibilities:

• Lead the implementation, configuration, and daily operation of Cyber Security technologies that are implemented within on-prem TMX Group environments.
• Manage and support Security technology across different business units for TMX Group Limited.
• Monitor and advise on Information Security compliance related to Cyber Security to ensure controls are functioning appropriately within the TMX cloud environments.
• Support the ongoing security control processes within the enterprise which includes various security technologies, networks, information systems, and endpoints both on-prem and in the cloud.
• Influences internal partners to ensure they build solutions consistent with the organization's planned policies, programs, architectural recommendations, and Information Security standards on-prem and in the cloud.
• Manage requirements documentation, analyzes opinions, and proposes solutions that leverage resources for highly complex projects on-prem and in the cloud.
• Assist in the design and implementation of resilient Cyber Security architecture technologies for optimal threat protection, monitoring and Incident Response for both on-prem and in the cloud.
• Analyze threat and vulnerability feeds data for applicability to TMX's on-prem and cloud environments, including the identification and resolution of false positive findings in assessment results, as well as perform compensating controls analysis and validate efficacy of existing controls.
• Understanding of threat models, impact levels, and the different approaches and methodologies (i.e. black/gray/white box testing).
• Develop innovative and secure solutions and provide guidance for TMX Group business stakeholders.
• Develop and implement Cyber Security metrics, measurement criteria and reporting to ensure compliance and continuous improvement across multiple environments.
• Asses information technology control elements to mitigate IT risks regarding the confidentiality, integrity and availability of business information.

Preferred Qualifications:

• 5+ years of experience with CASB solutions, Next Generation Firewalls, and Windows / Linux Hardening and compliance.
• 3+ years Cyber Security engineering experience including network, and endpoint tools.
• 2+ years of SOC experience, or responding to traditional and / or cloud based cyber security investigations.
• CCSP, CISSP, certifications strong assets.
• Strong experience with Netskope CASB solution for DLP and endpoint security.
• Strong experience with Fortinet / Fortigate next generation firewalls, including security blades.
• Strong experience with developing, maintaining, consulting on Windows and Linux based hardening standards.
• Strong Experience with security tool architecture, deployment, and engineering across multiple on-prem and cloud environments.
• Experience with Splunk, CrowdStrike, Qradar, McAfee, F5, Nexpose or similar technologies.
• Experience with incident response and forensics is a strong asset.
• Experience with UEBA and other Security Analytics Platforms.
• Windows and / or Linux administration, troubleshooting, and scripting experience.
• Programming / scripting experience, preferably with a diversity of languages.
• General networking skills required (Layer 2 & 3 switches, OSI Model, TCP/IP, SNMP, etc.)
• Strong interpersonal communication skills and the ability to communicate with clients, vendors and partners, across all levels of the organization.
• Ability to build and work with multi-disciplinary teams to achieve goals and to meet deadlines in a fast-paced environment.
• Works well under pressure and time constraints and can prioritize competing priorities appropriately.

In the market for…

Excitement - Explore emerging technology and innovation, as well as ventures and digital finance that shape the future of global markets! Experience the movement of the market while grounded in the stability of close to 200 years of success.

Connection - With site hubs in some of the world's most multicultural cities, we leverage our size and structure to create rich connections and belonging while experiencing powerful global impact through our work.

Impact - More than a platform, we use our talents to power mission-critical systems that drive global economic advancement, innovation, and growth. As well, our employee-led Team Impact spreads social good via our giving strategy.

Wellness - From empathetic leadership to a culture of flexibility and balance, we believe wellness at work creates the maximum yield and a stronger "we". Plus, with a cloud-first and hybrid workstyle, as well as generous time-off and leaves, we support a life well lived!

Growth - From a growth mindset in our work, to expansion in our business, TMX is home to action-takers energized by the achievement of ambitious growth.

Ready to enrich your career with impactful work, leaders who truly care, and the flexibility and programs to help you thrive as part of #TeamTMX ? Apply now.

TMX is committed to creating and sustaining a collegial work environment in which all individuals are treated with dignity and respect and one which reflects the diversity of the community in which we operate. We provide accommodations for applicants and employees who require it.