Senior Security Advisor Job at TMX Group, Remote

bkJjbGxDSmZaMGZzS0dpOXJ6RE9BcUZVUEE9PQ==
  • TMX Group
  • Remote

Job Description

Venture outside the ordinary - TMX Careers

The TMX group of companies includes leading global exchanges such as the Toronto Stock Exchange, Montreal Exchange, and numerous innovative organizations enhancing capital markets.  United as a global team, we’re connecting cross-functionally, traversing industries and geographies, moving opportunity into action, advancing global economic growth, and propelling progress. Through a rich exchange of ideas, meaningful collaboration, and a nimble operating model, we're powering some of the nation's most critical systems, fueling capital formation and innovation, bringing increased opportunity to business visionaries, product ingenuity to consumers, and career exploration to our team.

Ready to be part of the action?

Reporting to the Senior Manager - Governance Risk Compliance (GRC) department, the senior security advisor will contribute to the development, maturing, implementation and operation of the TMX information security program and cybersecurity governance structure. This role will provide support in assessing and managing cybersecurity risks, ensuring alignment with TMX Group security policies and industry best practices. 

The Advisor will work collaboratively with various business units and technology teams to promote a strong security culture and enhance the overall security posture and resilience of TMX Group.

Key Accountabilities:

  • Cybersecurity Policy Framework: Support the development and maintenance of the TMX Cybersecurity Policy Framework, considering specific security profiles and risk tolerances of various business units, systems, and cloud environments.
  • Cybersecurity Risk Assessments: Conduct Threat and Risk Assessments (TRAs) on various business units and initiatives, focusing on financial systems and their associated threats. Critically, these assessments must reflect the specific threats and vulnerabilities faced by each business unit, while considering both their individual risk appetite and the enterprise risk appetite of TMX Group as a whole. Provide input to risk mitigation strategies and remediation plans.
  • Security Standards and Guidelines: Assist in the development and implementation of security standards, guidelines, and best practices, ensuring alignment with industry standards such as NIST and ISO 27000 series. Adapt these standards to address the unique security challenges of TMX businesses, cloud environments, AI, and GenAI technologies.
  • Security Awareness and Training: Contribute to the development and delivery of cybersecurity awareness training programs for personnel and teams across TMX Group, tailored to different roles and responsibilities.
  • Cybersecurity Reporting: Assist in the development of security metrics: KRIs and KPIs. Contribute to reports related to the status of cybersecurity within TMX and the execution of risk remediation plans.
  • Data Privacy and Protection: Support the implementation and maintenance of data privacy and protection policies and procedures, ensuring compliance with relevant regulations like PIPEDA (Canada), GDPR (EU), and CCPA (California). Assist in conducting data protection impact assessments and data breach response activities.
  • Third-Party Risk Management: Contribute to the development, maturing, and implementation of a third-party risk management program, assessing and managing risks associated with all third-party relationships, including vendor security assessments.
  • Security Incident Response Planning: Participate in security incident response planning and contribute to the development and maintenance of incident response procedures. Note: Incident response execution is the responsibility of the Information Security Operations team.
  • Cybersecurity Resilience: Work with business units to integrate cybersecurity considerations into their business resilience plans. Help guide them in establishing and operating adequate plans to ensure business continuity in the face of cyber threats.
  • Cybersecurity Exercises and Testing: Contribute to the development and execution of cybersecurity Table Top Exercises for business units to enhance their preparedness for cyber incidents. Assist in defining the objectives and scope of regular penetration tests for technology systems.
  • Regulatory Compliance: Support compliance with relevant regulatory frameworks, such as PCI DSS, SOX, OSFI (Canada), or GLBA, by monitoring regulatory changes, conducting compliance assessments, and developing remediation plans.
  • Business Continuity and Disaster Recovery: Ensure cybersecurity considerations are integrated into business continuity and disaster recovery planning efforts.
  • Collaboration and Communication: Work closely with ITSS Architecture, Security Operations teams, Enterprise Risk Management, and other key stakeholders. Foster a collaborative environment to ensure effective communication and alignment on security initiatives.
  • Research and Innovation: Stay abreast of emerging cybersecurity threats, trends, and technologies, including those related to cloud environments, AI, and GenAI frameworks. Conduct research and analysis to identify innovative approaches and solutions for managing information security risks within TMX Group.
  • Vendor Security Assessments: Support the assessment of vendor products and services from a security perspective, providing recommendations related to purchase and merger & acquisition activities.

Must Haves:

  • University undergraduate degree in Computer Science, Engineering or a related field.
  • 5+ years of experience in information security or a related field, with experience in financial market infrastructure strongly preferred.
  • Proficiency in conducting threat and risk assessments, particularly within the context of financial systems.
  • Experience in developing, implementing, and operating information security programs and practices.
  • Strong understanding of cybersecurity frameworks and standards such as NIST, ISO 27001, and CISSP.
  • Knowledge of capital markets and cloud environments, including their security considerations.
  • Familiarity with AI and GenAI frameworks and their associated security risks.
  • Excellent communication, collaboration, and interpersonal skills, with the ability to interact effectively with both technical and non-technical audiences.
  • Strong analytical and problem-solving skills.
  • Knowledge of Python and process automation is considered a plus.
  • CISSP, CISA, CISM, or similar certifications are considered assets.

In the market for…

Excitement - Explore emerging technology and innovation, as well as ventures and digital finance that shape the future of global markets! Experience the movement of the market while grounded in the stability of close to 200 years of success.

Connection - With site hubs in some of the world’s most multicultural cities, we leverage our size and structure to create rich connections and belonging while experiencing powerful global impact through our work.

Impact - More than a platform, we use our talents to power mission-critical systems that drive global economic advancement, innovation, and growth. As well, our employee-led Team Impact spreads social good via our giving strategy.

Wellness - From empathetic leadership to a culture of flexibility and balance, we believe wellness at work creates the maximum yield and a stronger “we”. Plus, with a cloud-first and hybrid workstyle, as well as generous time-off and leaves, we support a life well lived! 

Growth - From a growth mindset in our work, to expansion in our business, TMX is home to action-takers energized by the achievement of ambitious growth.

Ready to enrich your career with impactful work, leaders who truly care, and the flexibility and programs to help you thrive as part of #TeamTMX ? Apply now.

TMX is committed to creating and sustaining a collegial work environment in which all individuals are treated with dignity and respect and one which reflects the diversity of the community in which we operate. We provide accommodations for applicants and employees who require it.

Job Tags

Remote job

Similar Jobs

Acclaim Systems, Inc.

call center representative Job at Acclaim Systems, Inc.

We will have few positions coming up later this month for call center rep. Pay rate $17.50 per hr plus benefits including PTO/Holidays. Remote Customer Service Agent Excellent Customer service and Call center experience Good communication skills...

System One

Finance Associate I Job at System One

 ...Type: Contract Compensation: $35.50/hour Hours: Monday through Friday, 8:00 a.m. to 5:00 p.m Responsibilities Coordinate and...  ...functionally to resolve discrepancies. Reliable and professional work-from-home setup for remote days. System One, and its subsidiaries... 

Blacker Orthodontics

Orthodontic Sterilization Technician Job at Blacker Orthodontics

 ...Job Title:Orthodontic Sterilization Technician Location: Chandler and Tempe Job Type: Full-time About Us: We are a busy, patient...  ...of sterilization supplies Qualifications: Previous dental or orthodontic experience preferred (but willing to train the right... 

Safe Harbor Home Care

Home Care Provider for Seniors Needed Job at Safe Harbor Home Care

 ...environment ~ Shifts throughout San Diego County Job Description Summary Personal Care Attendant-Caregivers provide non-medical service and assistance to a client in their home and communities, who, because of advanced age or physical or mental disability, cannot... 

Turboship Logistics

Package Delivery Driver Job at Turboship Logistics

 ...Job Description CALLING ALL DELIVERY DRIVERS! (Use Your Own Vehicle!) (FLEXIBLE Deliveries) We are a growing regional service partner looking...  ...and hardworking individuals to deliver small to medium-sized packages. We offer full-time, part-time, and seasonal job...