The Security Architect is responsible for providing technical and operational expertise in information security systems, principles and practices to ensure the protection of information assets at the TMX Group Limited.
As a Security Architect, you will help shape security innovation and play a key role in the evolution of the TMX’s security architecture and solutions in support to current and new business initiatives.
You will work as part of a security team to provide security guidance for new projects and initiatives, with a focus on cloud based solutions.
The goal of the position is to contribute to the maturing of the company’s infrastructure security architecture and technology frameworks, improving overall enterprise security posture and cultivating company-
wide culture of security-awareness. You will advise service owners on security risk management and how to effectively balance security and business requirements, and you will provide expert advice during multiple project phases, communicating security strategy to both technical and non-
technical audiences. This position utilizes strong technical knowledge, skills and expertise with a variety of IT and security technologies.
Key Accountabilities :
Participate in security architecture development utilizing a service (SOA) approach to common security services, with a focus on cloud based solutions.
Participate in development of security architectural frameworks and reference model that form the basis of security infrastructures and are instrumental in delivering security services.
Provide security expertise and direction to the project on security architecture and design, software development, operationalization, maintenance, governance, and risk management.
Responsible for developing technical standards, procedures, within a technology or process domain by designing, integrating, and modifying TMX’ management, measurement, and reporting tools for successful implementation of the Information Security Program at TMX.
Influences internal partners to ensure they build solutions consistent with the organization's policies, programs, architectural recommendations, and information security standards.
Contributes to portfolio design initiatives by implementation and adoption of security related infrastructure / technology associated with networks, internet, messaging, operating systems, firewalls, VPNs, intrusion detection, cryptography, Wi-
Fi, cloud and mobile solutions.
Supports new projects in formulating security requirements.
Provides recommendations on appropriate security technology and controls for new projects, based on TMX security policy and standards.
Proposes new security services to provide consistency and to promote efficiency to meet business requirements.
Represents Information Security in multiple concurrent projects.
Conducts security and risk assessments.
Identifies the risks resulting from the lack of compliance with internal controls and the risks related to TMX’s assets, while ensuring that adequate controls are maintained.
Works collaboratively with internal teams to identify solutions and actions needed as a result of security and risk assessment issues.
Interfaces with technology and business-services vendors, to ensure that TMX acquires products and services that protect confidentiality, integrity and availability of TMX informational assets.
Must Have Skills :
8-10 years of IT experience, of which minimum 5 years are in Information Security Architecture.
Undergraduate degree in Computer Science or Engineering required. Graduate degree, preferred.
Knowledge in Security Architecture, including : securing service oriented architecture (SOA); cloud security; mobile devices and applications’ security;
network security; application security; Internet and Intranets; network infrastructure; web services; identity and access management, CASB, Vulnerability Assessments;
SIEM; security incident management.
Previous hands-on experience with multiple security domains.
Understanding of security risk management methodologies and frameworks.
Strong analytical and research skills.
Solid oral and written communications are mandatory.
Ability to work with technical and non-technical TMX teams to achieve goals and meet deadlines in a fast-paced environment.
CISSP designation a must
CISA, CISM, ISO 27001 Lead Auditor, SABSA or similar certification is an asset.
Knowledge of ITIL, NIST, and ISO best practices and process improvement.
Preference will be given to people with experience in AWS, Azure and Google cloud security.
Other Skills :