Sr. Security Analyst
Toronto, CA
5d ago

The Information Security Office (ISO) at TMX is responsible for researching, deploying and maintaining Security Technologies that support the defense in depth methodology in accordance with TMX regulations and policy.

This includes cloud and on premises deployments and tie ins to threat intelligence and audit reporting capabilities.

Reporting to the Manager of Security Operations, the Senior Security Analyst is responsible for the design, planning, testing, implementation, and administration of industry-wide accepted Information Security principles, practices, and information systems to ensure the protection of information assets processed, stored, or transmitted on premise and in the TMX Group cloud instances.

The successful candidate will also evaluate the effectiveness of Information Security solutions and processes in place, monitor for and identify security risks and exposures, determine the causes of security violations, assess, and implement procedures to prevent future incidents.

The Senior Security Analyst will also be required to understand and provide assistance to system users relative to information systems and security matters.

Job Responsibilities :

Lead the implementation, configuration, and daily operation of Information Security technologies that are implemented in TMX Group cloud environments and on premise

Manage and support Security technology across different business units for TMX Group Limited

Monitor and advise on Information Security compliance related to IT to ensure Security controls are functioning appropriately

Support the ongoing Security control processes within the enterprise which includes security technologies, networks, information systems, and endpoints both on premise and in the cloud

Influences internal partners to ensure they build solutions consistent with the organization's planned policies, programs, architectural recommendations, and Information Security standards

Manage requirements documentation, analyzes opinions, and proposes solutions that leverage resources for highly complex projects

Assist in the design and implementation of resilient Information Security architecture and technologies for optimal threat protection, monitoring and Incident Response

Analyzes threat and vulnerability feeds and analyzes data for applicability to TMX’s environment including the identification and resolution of false positive findings in assessment results, as well as perform compensating controls analysis and validate efficacy of existing controls

Understanding of threat models, impact levels, and the different approaches and methodologies i.e. black / grey / white box testing

Develop innovative and secure solutions and provide guidance for TMX Group Limited stakeholders

Work with Security and IT stakeholders to implement a risk management program that allows for the identification and remediation of Information Security risks

Advise the organization about Information Security threats, technologies and related regulatory requirements

Develop and implement Information Security metrics, measurement criteria and reporting to ensure compliance and continuous improvement for cloud tools and environments

Assesses information technology control elements to mitigate IT risks regarding the confidentiality, integrity and availability of business information

Preferred Qualifications :

5+ years Security System administration and engineering experience

2+ years of SOC experience, or responding to cyber security investigations

2+ years’ experience with SIEM, DLP, and CASB

CCSP, CCSK, CISSP, CISM, ISO 27001 / 27002 certifications as asset

2+ years’ experience with Amazon Web Services (AWS) platform capabilities and best practices architectures, Google Compute Platform (GCP) an asset

Experience with Splunk, Tripwire, HX, Qradar, McAfee, F5, Imperva, Nexpose, Fortinet or similar technologies

Virtualization and cloud platforms : VMware, Xenserver and KVM, OpenStack, Cloudstack, AWS, GCP

Linux and / or Windows administration and troubleshooting experience

Programming / scripting experience, preferably with a diversity of languages

Well versed in internet architectures, including web, application, and database components such as Apache, IIS, memcache, MySQL, SQL Server, etc.

Experience utilizing or implementing the MITRE ATT&CK framework.

Experience with UEBA and other Security Analytics Platforms.

General Networking skills required (Layer 2 & 3 switches, OSI Model, TCP / IP, SNMP, etc.)

Strong interpersonal communication skills and the ability to communicate with customers, vendors and partners, and across all levels of the organization

Ability to interact, develop, engineer and communicate at the highest technical levels of organizational decision-making

Excellent oral and written communications for the development of the security program, strategy, guidelines, policies, standards and for presentations to technical and non-technical audiences at all levels of the organization

Ability to build and work with multi-disciplinary teams to achieve goals and to meet deadlines in a fast-paced environment

Works well under pressure and time constraints and can prioritize competing priorities appropriately

Strong business and technical acumen

TMX is committed to creating and sustaining a collegial work environment in which all individuals are treated with dignity and respect and one which reflects the diversity of the community in which we operate.

We provide accommodations for applicants and employees who require it.

Report this job

Thank you for reporting this job!

Your feedback will help us improve the quality of our services.

My Email
By clicking on "Continue", I give neuvoo consent to process my data and to send me email alerts, as detailed in neuvoo's Privacy Policy . I may withdraw my consent or unsubscribe at any time.
Application form