Search jobs > Toronto, ON > Security analyst

Senior Cloud Security Analyst (AWS)

Montreal Exchange
Toronto, ON
$75.6K-$95.7K a year (estimated)
Full-time

Venture outside the ordinary - TMX Careers

The TMX group of companies includes leading global exchanges such as the Toronto Stock Exchange, Montreal Exchange, and numerous innovative organizations enhancing capital markets.

United as a global team, we're connecting cross-functionally, traversing industries and geographies, moving opportunity into action, advancing global economic growth, and propelling progress.

Through a rich exchange of ideas, meaningful collaboration, and a nimble operating model, we're powering some of the nation's most critical systems, fueling capital formation and innovation, bringing increased opportunity to business visionaries, product ingenuity to consumers, and career exploration to our team.

Ready to be part of the action?

The Information Security Office (ISO) at TMX is responsible for researching, deploying and maintaining Security Technologies that support our defense in depth strategy in accordance with TMX regulations and guidelines.

This includes cloud deployments and tie-ins to threat intelligence and audit reporting capabilities.

Reporting to the Senior Manager of Security Operations, the Cloud Security Specialist is responsible for the design, planning, testing, implementation, and administration of industry-wide accepted Cyber Security principles, practices, and information systems to ensure the protection of information assets processed, stored, or transmitted in the TMX Group cloud instances, across various cloud services providers.

The successful candidate will also evaluate the effectiveness of Information Security solutions and processes in place, monitor for and identify security risks and exposures, determine the causes of security investigations, incidents, as well as assess, and implement procedures to prevent future incidents.

As a member of the Information Security Team, the Cloud Security Specialist will be the liaison between Security Operations and the Cloud Technology and Infrastructure Support teams.

Job Responsibilities :

  • Lead the implementation, configuration, and daily operation of Cyber Security technologies that are implemented within the TMX Group cloud environments.
  • Manage and support Security technology across various business units for TMX Group Limited.
  • Monitor and advise on Information Security compliance related to IT to ensure Security controls are functioning appropriately within the TMX cloud environments.
  • Support the ongoing Security control processes within the enterprise which includes security technologies, networks, information systems, and endpoints in the cloud.
  • Influences internal partners to ensure they build solutions consistent with the organization's planned policies, programs, architectural recommendations, and Information Security standards within the cloud.
  • Manage requirements documentation, analyzes opinions, and proposes solutions that leverage resources for highly sophisticated projects within the cloud.
  • Assist in the design and implementation of resilient Information Security architecture and technologies for optimal threat protection, monitoring and Incident Response within the cloud
  • Analyze threat and vulnerability feeds data for applicability to TMX's cloud environment including the identification and resolution of false positive findings in assessment results, as well as perform compensating controls analysis and validate efficacy of existing controls.
  • Understanding of threat models, impact levels, and the different approaches and methodologies i.e. black / gray / white box testing.
  • Develop innovative and secure solutions and provide mentorship for TMX Group stakeholders.
  • Work with Security and IT stakeholders to implement a risk management program that allows for the identification and remediation of Information Security risks within the cloud.
  • Advise the organization about Information Security threats, technologies and related regulatory requirements in scope of cloud functions.
  • Develop and implement Information Security metrics, measurement criteria and reporting to ensure compliance and continuous improvement for cloud tools and environments.
  • Assesses information technology control elements to mitigate IT risks regarding the confidentiality, integrity and availability of business information.

Preferred Qualifications :

  • 5+ years of experience with Amazon Web Services (AWS) platform capabilities, best practices with architectures, and security tool-sets.
  • 3+ years Security System administration and engineering experience in cloud infrastructure.
  • 2+ years of SOC experience, or responding to traditional or cloud based cyber security investigations.
  • CCSP, CISSP, certifications strong assets.
  • Strong experience with AWS WAF & Shield, AWS BotControl, AWS Cloudformation, AWS Athena, AWS CloudTrail, AWS S3, AWS GuardDuty, AWS IAM.
  • Strong experience with Palo Alto NGFW technologies, including firewalls, Prisma, and SD-WAN.
  • Strong experience with other cloud technologies such as Terraform, Ansible, Hashicorp Vault.
  • Experience utilizing or implementing the MITRE ATT&CK framework.
  • Experience with Splunk, CrowdStrike, Qradar, McAfee, F5, Nexpose, Fortinet technologies.
  • Experience with Google Compute Platform (GCP) and Microsoft Azure Cloud is an asset.
  • Experience in cloud based, incident response and forensics a strong asset.
  • Experience with UEBA and other Security Analytics Platforms.
  • Linux and / or Windows administration and troubleshooting experience
  • Programming / scripting experience, preferably with a diversity of languages
  • General networking skills required (Layer 2 & 3 switches, OSI Model, TCP / IP, SNMP, etc.)
  • Strong interpersonal communication skills and the ability to communicate with clients, vendors and partners, and across all levels of the organization.
  • Excellent oral and written communications for the development of the security program, strategy, guidelines, policies, standards and for presentations to technical and non-technical audiences at all levels of the organization.
  • Ability to build and work with multi-disciplinary teams to achieve goals and to meet deadlines in a fast-paced environment.
  • Works well under pressure and time constraints and can prioritize competing priorities appropriately.

In the market for...

Excitement - Explore emerging technology and innovation, as well as ventures and digital finance that shape the future of global markets! Experience the movement of the market while grounded in the stability of close to 200 years of success.

Connection - With site hubs in some of the world's most multicultural cities, we leverage our size and structure to create rich connections and belonging while experiencing powerful global impact through our work.

Impact - More than a platform, we use our talents to power mission-critical systems that drive global economic advancement, innovation, and growth.

As well, our employee-led Team Impact spreads social good via our giving strategy.

Wellness - From empathetic leadership to a culture of flexibility and balance, we believe wellness at work creates the maximum yield and a stronger "we".

Plus, with a cloud-first and hybrid workstyle, as well as generous time-off and leaves, we support a life well lived!

Growth - From a growth mindset in our work, to expansion in our business, TMX is home to action-takers energized by the achievement of ambitious growth.

Ready to enrich your career with impactful work, leaders who truly care, and the flexibility and programs to help you thrive as part of #TeamTMX ? Apply now.

TMX is committed to creating and sustaining a collegial work environment in which all individuals are treated with dignity and respect and one which reflects the diversity of the community in which we operate.

We provide accommodations for applicants and employees who require it.

30+ days ago
Related jobs
0000050007 Royal Bank of Canada
Toronto, Ontario

As a Senior Cyber Security Analyst in the Identity Access Management (IAM) Team, you will work with the IAM Application Onboarding Team to integrate RBC applications onto IAM solutions ( Entra ID (Azure), Sailpoint IIQ, CyberArk, etc). Confidentiality, Cyber Security Management, Decision Making, Det...

Alterna
Toronto, Ontario

The IT Senior Security Analyst is expected to be fully aware of the enterprise's security goals and to actively work to support these goals. Recommend and implement improvements to security tools, configurations, processes and policies, and research additional security solutions or enhancements to i...

Bennett Jones
Toronto, Ontario

Maintaining compliance with ISO /2 by: Making suggestions to improve Standard Operating Procedures (SOPs) for daily security operations, existing security procedures, processes, and security solutions in place, as well as the overall security posture of the Firm. Administration of information securi...

N. Harris Computer Corporation - USA
.,Ontario,Remote
Remote

As the Cloud Security Analyst, you will utilize your wide area of expertise in access control management, cybersecurity, vulnerability management, risk management, incident management, security frameworks and other areas to provide security support for the Harris group of companies. Harris Corporate...

Royal Bank of Canada>
Toronto, Ontario

As a Senior Cyber Security Analyst in the Identity Access Management (IAM) Team, you will work with the IAM Application Onboarding Team to integrate RBC applications onto IAM solutions ( Entra ID (Azure), Sailpoint IIQ, CyberArk, etc). Confidentiality, Cyber Security Management, Decision Making, Det...

Amazon
Toronto, Ontario

The AWS Application Security's Prevention Engineering team is looking for a curious and motivated engineer and leader to deliver solutions that provide secure-by-default libraries and components that delight AWS builders. You will be responsible building tooling that AWS product teams use to build s...

Royal Bank of Canada>
Toronto, Ontario

Join our dynamic team as a “Senior Analyst - Cyber Security, and IT Risk Management”, where you will play a pivotal role in advancing our organization's technology, risk, security, and operations landscape. Critical Thinking, Cyber Security Management, Decision Making, Detail-Oriented, Information S...

S.i. Systems
Toronto, Ontario

Position Title: Risk Analyst - Senior. The main functions of a Risk Analyst are to gather and analyze technology risk and cyber security information; will typically conduct qualitative and quantitative analyses of data/information affecting infrastructure operations processes and controls of The Ban...

Intercast Staffing
Toronto, Ontario

Our client, a major post-secondary institution, is looking to bolster their security program with the addition of two Senior Security Analysts. Experience performing security assessments of infrastructure (cloud and on-premises), applications and websites. Minimum 5 years of Information security exp...

Intact Financial Corporation
Toronto, Ontario

We are seeking a highly skilled and experienced senior IT business analyst with expertise in security, and reporting to join our cybersecurity team. Collaborate with business stakeholders to understand their security needs, challenges, and objectives, and translate them into actionable requirements ...