Sr. Security Analyst Job in Toronto for TMX |

Sr. Security Analyst

July 28 2021
Categories Analyst, Information Technology, Security, Continuity, Risk, Security, Protective Services, Defence
Toronto, ON
The Information Security Office (ISO) at TMX is responsible for researching, deploying, and maintaining Security Technologies that support the defense in depth methodology in accordance with TMX regulations and policy. This includes cloud and on-premises deployments and tie-ins to threat intelligence and audit reporting capabilities.

Collaborating with the Manager of Security Operations, the Senior Security Analyst is responsible for the design, planning, testing, implementation, and administration of industry-wide accepted Information Security principles, practices, and information systems to ensure the protection of information assets processed, stored or transmitted on-premise and in the TMX Group cloud instances.

The successful candidate will also evaluate the efficiency of Information Security solutions and processes in place, monitor for and identify security risks and exposures, determine the causes of security violations, assess, and implement procedures to prevent future incidents. The Senior Security Analyst will also be required to understand and provide assistance to system users relative to information systems and security matters.

  • Lead the implementation, configuration, and daily operation of Information Security technologies that are implemented in TMX Group cloud environments and on-premise
  • Manage and support Security technology across various business units for TMX Group Limited
  • Monitor and advise on Information Security compliance related to IT to ensure security controls are functioning appropriately
  • Support the ongoing Security control processes within the enterprise which includes security technologies, networks, information systems, and endpoints both on-premise and in the cloud
  • Influences internal partners to ensure they build solutions consistent with the organization's planned policies, programs, architectural recommendations, and Information Security standards
  • Manage requirements documentation, analyzes opinions, and proposes solutions that leverage resources for highly sophisticated projects
  • Assist in the design and implementation of resilient Information Security architecture and technologies for efficient threat protection, monitoring, and Incident Response
  • Analyzes threat and vulnerability feeds and analyzes data for applicability to TMX’s environment including the identification and resolution of false-positive findings in assessment results, as well as perform compensating controls analysis and validate the efficacy of existing controls
  • Understanding of threat models, impact levels, and the different approaches and methodologies i.e. black/grey/white box testing
  • Develop innovative and secure solutions and provide mentorship for TMX Group Limited stakeholders
  • Work with Security and IT stakeholders to implement a risk management program that allows for the identification and remediation of Information Security risks
  • Advise the organization about Information Security threats, technologies, and related regulatory requirements
  • Develop and implement Information Security metrics, measurement criteria, and reporting to ensure compliance and continuous improvement for cloud tools and environments
  • Assesses information technology control elements to mitigate IT risks regarding the confidentiality, integrity, and availability of business information

Preferred Qualifications:

  • 5+ years of Security System administration and engineering experience
  • 2+ years of SOC experience, or responding to cybersecurity investigations
  • 2+ years experience with SIEM, DLP, and CASB
  • CCSP, CCSK, CISSP, CISM, ISO 27001/27002 certifications as an asset
  • 2+ years experience with Amazon Web Services (AWS) platform capabilities and best practices architectures, Google Compute Platform (GCP) an asset
  • Experience with Splunk, Tripwire, HX, Qradar, McAfee, F5, Imperva, Nexpose, Fortinet, or similar technologies
  • Virtualization and cloud platforms: VMware, Xenserver and KVM, OpenStack, Cloudstack, AWS, GCP
  • Linux and/or Windows administration and troubleshooting experience
  • Programming/scripting experience, preferably with a diversity of languages
  • Proficient in internet architectures, including web, application, and database components such as Apache, IIS, memcache, MySQL, SQL Server, etc.
  • Experience utilizing or implementing the MITRE ATT&CK framework.
  • Experience with UEBA and other Security Analytics Platforms.
  • General Networking skills required (Layer 2 & 3 switches, OSI Model, TCP/IP, SNMP, etc.)
  • Strong interpersonal communication skills and the ability to communicate with customers, vendors and partners, and across all levels of the organization
  • Ability to interact, develop, engineer, and communicate at the highest technical levels of interpersonal decision-making
  • Excellent oral and written communications for the development of the security program, strategy, guidelines, policies, standards, and for presentations to technical and non-technical audiences at all levels of the organization
  • Ability to build and work with multi-disciplinary teams to achieve goals and to meet deadlines in a fast-paced environment
  • Works well under pressure and time constraints and can prioritize competing priorities appropriately
  • Strong business and technical acumen

TMX is committed to creating and sustaining a collegial work environment in which all individuals are treated with dignity and respect and one which reflects the diversity of the community in which we operate. We provide accommodations for applicants and employees who require it.

Apply now!