About the role
Venture outside the ordinary - TMX Careers The TMX group of companies includes leading global exchanges such as the Toronto Stock Exchange, Montreal Exchange, and numerous innovative organizations enhancing capital markets. United as a global team, we’re connecting cross-functionally, traversing industries and geographies, moving opportunity into action, advancing global economic growth, and propelling progress. Through a rich exchange of ideas, meaningful collaboration, and a nimble operating model, we're powering some of the nation's most critical systems, fueling capital formation and innovation, bringing increased opportunity to business visionaries, product ingenuity to consumers, and career exploration to our team.
Ready to be part of the action? The Information Security Office (ISO) at TMX is responsible for researching, deploying, and maintaining security technologies that support our
defense-in-depth strategy, in accordance with TMX regulations and policy. This includes robust security for our cloud environments,
especially Google Workspace and Google Cloud Platform (GCP).
Reporting to the Senior Manager of Security Operations, we're seeking a highly motivated and experienced Senior Google Security Analyst to
join our team. Your primary focus will be on ensuring the robust security of Google Workspace, though you'll also apply your expertise to our
growing Google Cloud Platform (GCP) footprint and ChromeOS devices. This is a pivotal role where you'll proactively identify threats,
respond to incidents, and continuously enhance our security posture across the entire Google ecosystem.
Key Responsibilities:
Leading Google Workspace Security: As the SOC and ISO expert, you'll administer, optimize, and review all security aspects
within Google Workspace, including Google Mail, Google Drive, Google Docs, etc.... Initiatives such as designing and
implementing Data Loss Prevention (DLP), managing sophisticated access controls like context-aware policies, enhancing
phishing / malware / fraud protection, and performing proactive audit log analysis. You'll also help to develop and enforce
robust security policies and configurations specifically for Workspace usage.
ChromeOS Device Security: You will be responsible for creating, maintaining, and enforcing security policies and
configurations for ChromeOS devices. This includes device enrollment, access controls, data protection, and secure browser
settings. You'll also lead the integration and management of third-party security tools (e.g., EDR, SIEM, CASB) with a
ChromeOS fleet to enhance endpoint detection and response capabilities.
Securing Google Cloud Platform (GCP): You'll design, implement, and manage security controls within GCP, leveraging native
services like IAM, VPC Service Controls, and Security Command Center, as well as various third-party security tools. Your
work will involve conducting security assessments, reviewing findings and applying security configurations for efficiency and
consistency.
Security Operations & Incident Response: You'll be actively involved in monitoring security logs and alerts from both Google
Workspace and GCP, utilizing our SIEM / SOAR platforms. This includes taking part in incident investigations, refining our
response playbooks, and performing proactive threat hunting across our Google ecosystem to identify emerging risks.
Risk Management & Collaboration: You'll identify and assess security vulnerabilities across both Google Workspace and GCP,
collaborating closely with development, operations, and IT teams to prioritize and remediate risks effectively. Staying current
with the latest cloud security trends will be key to embedding security best practices throughout our cloud infrastructure.
What You'll Bring:
Must-Haves:
- Bachelor's degree in Computer Science, Information Security, or a related field; or equivalent practical experience.
5+ years of dedicated experience in information security, with a significant portion focused on security operations or
engineering.
3+ years of hands-on experience and deep expertise in Google Workspace security administration and best practices
(formerly G Suite).
- Strong practical experience securing Google Cloud Platform (GCP) environments.
- Experience with ChromeOS device management and security, including policy creation and third-party security integrations.
Proficiency with security tools and technologies such as SIEM (e.g., Splunk, IBM QRadar), SOAR platforms, vulnerability
scanners, and network security controls.
- Experience with scripting languages (e.g., Python, Bash) for automation and security tool development.
- Excellent analytical, problem-solving, and communication skills.
- Ability to work both independently and as a vital part of a collaborative team.
Nice-To-Haves:
Relevant certifications such as:
- Google Workspace Administrator or Google Cloud Professional Cloud Security Engineer
- CISSP, CCSP
- GSEC, GCIH, GCIA
- Experience with container security (Docker, Kubernetes) in GCP.
- Familiarity with compliance frameworks (e.g., ISO 27001, SOC 2, HIPAA, PCI DSS).
We are committed to a fair evaluation process focused on your individual skills and experience. To that end, we expect all application materials to be the candidate's own original work. This ensures we can get a true understanding of your thought process and how you would uniquely contribute to our team.
In the market for… Excitement
-
Explore emerging technology and innovation, as well as ventures and digital finance that shape the future of global markets! Experience the movement of the market while grounded in the stability of close to 200 years of success.
Connection
-
With site hubs in some of the world’s most multicultural cities, we leverage our size and structure to create rich connections and belonging while experiencing powerful global impact through our work.
Impact
-
More than a platform, we use our talents to power mission-critical systems that drive global economic advancement, innovation, and growth. As well, our employee-led Team Impact spreads social good via our giving strategy.
Wellness
-
From empathetic leadership to a culture of flexibility and balance, we believe wellness at work creates the maximum yield and a stronger “we”. Plus, with a cloud-first and hybrid workstyle, as well as generous time-off and leaves, we support a life well lived!
Growth
-
From a growth mindset in our work, to expansion in our business, TMX is home to action-takers energized by the achievement of ambitious growth.
Ready to enrich your career with impactful work, leaders who truly care, and the flexibility and programs to help you thrive as part of #TeamTMX ? Apply now. Please note that our company is not currently sponsoring work permit applications and the applicant must be authorized to work in the country where this position is located. TMX is committed to creating and sustaining a collegial work environment in which all individuals are treated with dignity and respect and one which reflects the diversity of the community in which we operate. We provide accommodations for applicants and employees who require it .
About TMX Group
At TMX Group, we build world-class markets to enable businesses and investors to succeed and help communities thrive. Powered by our people, TMX has the means to bring inspired ideas to life, and to unlock human potential. We believe better markets serve as a propulsive engine, creating opportunities for bold and ambitious ideas to create a brighter future.
With offices in some of the world’s most multicultural cities, we proudly celebrate diversity, learn from one another, and cultivate true belonging in a Hybrid-First work environment. We are a global team, connected across multiple industries, and united by a common Purpose: To Make Markets Better and Empower Bold Ideas.
Our Mission We power capital and commodity markets with client-centric, technology-driven global solutions.
Our Vision To be an indispensable solution for companies around the world to raise capital and the preferred destination for traders and investors to prosper.
TMX Group companies includes: Toronto Stock Exchange, TSX Venture Exchange, TSX Trust, Montréal Exchange, TSX Alpha Exchange, Shorcan, CDCC, CDS, TMX Datalinx, TMX Insights and Trayport.
About the role
Venture outside the ordinary - TMX Careers The TMX group of companies includes leading global exchanges such as the Toronto Stock Exchange, Montreal Exchange, and numerous innovative organizations enhancing capital markets. United as a global team, we’re connecting cross-functionally, traversing industries and geographies, moving opportunity into action, advancing global economic growth, and propelling progress. Through a rich exchange of ideas, meaningful collaboration, and a nimble operating model, we're powering some of the nation's most critical systems, fueling capital formation and innovation, bringing increased opportunity to business visionaries, product ingenuity to consumers, and career exploration to our team.
Ready to be part of the action? The Information Security Office (ISO) at TMX is responsible for researching, deploying, and maintaining security technologies that support our
defense-in-depth strategy, in accordance with TMX regulations and policy. This includes robust security for our cloud environments,
especially Google Workspace and Google Cloud Platform (GCP).
Reporting to the Senior Manager of Security Operations, we're seeking a highly motivated and experienced Senior Google Security Analyst to
join our team. Your primary focus will be on ensuring the robust security of Google Workspace, though you'll also apply your expertise to our
growing Google Cloud Platform (GCP) footprint and ChromeOS devices. This is a pivotal role where you'll proactively identify threats,
respond to incidents, and continuously enhance our security posture across the entire Google ecosystem.
Key Responsibilities:
Leading Google Workspace Security: As the SOC and ISO expert, you'll administer, optimize, and review all security aspects
within Google Workspace, including Google Mail, Google Drive, Google Docs, etc.... Initiatives such as designing and
implementing Data Loss Prevention (DLP), managing sophisticated access controls like context-aware policies, enhancing
phishing / malware / fraud protection, and performing proactive audit log analysis. You'll also help to develop and enforce
robust security policies and configurations specifically for Workspace usage.
ChromeOS Device Security: You will be responsible for creating, maintaining, and enforcing security policies and
configurations for ChromeOS devices. This includes device enrollment, access controls, data protection, and secure browser
settings. You'll also lead the integration and management of third-party security tools (e.g., EDR, SIEM, CASB) with a
ChromeOS fleet to enhance endpoint detection and response capabilities.
Securing Google Cloud Platform (GCP): You'll design, implement, and manage security controls within GCP, leveraging native
services like IAM, VPC Service Controls, and Security Command Center, as well as various third-party security tools. Your
work will involve conducting security assessments, reviewing findings and applying security configurations for efficiency and
consistency.
Security Operations & Incident Response: You'll be actively involved in monitoring security logs and alerts from both Google
Workspace and GCP, utilizing our SIEM / SOAR platforms. This includes taking part in incident investigations, refining our
response playbooks, and performing proactive threat hunting across our Google ecosystem to identify emerging risks.
Risk Management & Collaboration: You'll identify and assess security vulnerabilities across both Google Workspace and GCP,
collaborating closely with development, operations, and IT teams to prioritize and remediate risks effectively. Staying current
with the latest cloud security trends will be key to embedding security best practices throughout our cloud infrastructure.
What You'll Bring:
Must-Haves:
- Bachelor's degree in Computer Science, Information Security, or a related field; or equivalent practical experience.
5+ years of dedicated experience in information security, with a significant portion focused on security operations or
engineering.
3+ years of hands-on experience and deep expertise in Google Workspace security administration and best practices
(formerly G Suite).
- Strong practical experience securing Google Cloud Platform (GCP) environments.
- Experience with ChromeOS device management and security, including policy creation and third-party security integrations.
Proficiency with security tools and technologies such as SIEM (e.g., Splunk, IBM QRadar), SOAR platforms, vulnerability
scanners, and network security controls.
- Experience with scripting languages (e.g., Python, Bash) for automation and security tool development.
- Excellent analytical, problem-solving, and communication skills.
- Ability to work both independently and as a vital part of a collaborative team.
Nice-To-Haves:
Relevant certifications such as:
- Google Workspace Administrator or Google Cloud Professional Cloud Security Engineer
- CISSP, CCSP
- GSEC, GCIH, GCIA
- Experience with container security (Docker, Kubernetes) in GCP.
- Familiarity with compliance frameworks (e.g., ISO 27001, SOC 2, HIPAA, PCI DSS).
We are committed to a fair evaluation process focused on your individual skills and experience. To that end, we expect all application materials to be the candidate's own original work. This ensures we can get a true understanding of your thought process and how you would uniquely contribute to our team.
In the market for… Excitement
-
Explore emerging technology and innovation, as well as ventures and digital finance that shape the future of global markets! Experience the movement of the market while grounded in the stability of close to 200 years of success.
Connection
-
With site hubs in some of the world’s most multicultural cities, we leverage our size and structure to create rich connections and belonging while experiencing powerful global impact through our work.
Impact
-
More than a platform, we use our talents to power mission-critical systems that drive global economic advancement, innovation, and growth. As well, our employee-led Team Impact spreads social good via our giving strategy.
Wellness
-
From empathetic leadership to a culture of flexibility and balance, we believe wellness at work creates the maximum yield and a stronger “we”. Plus, with a cloud-first and hybrid workstyle, as well as generous time-off and leaves, we support a life well lived!
Growth
-
From a growth mindset in our work, to expansion in our business, TMX is home to action-takers energized by the achievement of ambitious growth.
Ready to enrich your career with impactful work, leaders who truly care, and the flexibility and programs to help you thrive as part of #TeamTMX ? Apply now. Please note that our company is not currently sponsoring work permit applications and the applicant must be authorized to work in the country where this position is located. TMX is committed to creating and sustaining a collegial work environment in which all individuals are treated with dignity and respect and one which reflects the diversity of the community in which we operate. We provide accommodations for applicants and employees who require it .
About TMX Group
At TMX Group, we build world-class markets to enable businesses and investors to succeed and help communities thrive. Powered by our people, TMX has the means to bring inspired ideas to life, and to unlock human potential. We believe better markets serve as a propulsive engine, creating opportunities for bold and ambitious ideas to create a brighter future.
With offices in some of the world’s most multicultural cities, we proudly celebrate diversity, learn from one another, and cultivate true belonging in a Hybrid-First work environment. We are a global team, connected across multiple industries, and united by a common Purpose: To Make Markets Better and Empower Bold Ideas.
Our Mission We power capital and commodity markets with client-centric, technology-driven global solutions.
Our Vision To be an indispensable solution for companies around the world to raise capital and the preferred destination for traders and investors to prosper.
TMX Group companies includes: Toronto Stock Exchange, TSX Venture Exchange, TSX Trust, Montréal Exchange, TSX Alpha Exchange, Shorcan, CDCC, CDS, TMX Datalinx, TMX Insights and Trayport.