Venture outside the ordinary - TMX Careers
The TMX group of companies includes leading global exchanges such as the Toronto Stock Exchange, Montreal Exchange, and numerous innovative organizations enhancing capital markets. United as a global team, we’re connecting cross-functionally, traversing industries and geographies, moving opportunity into action, advancing global economic growth, and propelling progress. Through a rich exchange of ideas, meaningful collaboration, and a nimble operating model, we're powering some of the nation's most critical systems, fueling capital formation and innovation, bringing increased opportunity to business visionaries, product ingenuity to consumers, and career exploration to our team.
Ready to be part of the action?
Reporting to the Senior Manager - Governance Risk Compliance (GRC) department, the senior security advisor will contribute to the development, maturing, implementation and operation of the TMX information security program and cybersecurity governance structure. This role will provide support in assessing and managing cybersecurity risks, ensuring alignment with TMX Group security policies and industry best practices.
The Advisor will work collaboratively with various business units and technology teams to promote a strong security culture and enhance the overall security posture and resilience of TMX Group.
Key Accountabilities:
Support the development and maintenance of the TMX Cybersecurity Policy Framework, considering specific security profiles and risk tolerances of various business units, systems, and cloud environments.
Conduct Threat and Risk Assessments (TRAs) on various business units and initiatives, focusing on financial systems and their associated threats. Critically, these assessments must reflect the specific threats and vulnerabilities faced by each business unit, while considering both their individual risk appetite and the enterprise risk appetite of TMX Group as a whole. Provide input to risk mitigation strategies and remediation plans.
Assist in the development and implementation of security standards, guidelines, and best practices, ensuring alignment with industry standards such as NIST and ISO 27000 series. Adapt these standards to address the unique security challenges of TMX businesses, cloud environments, AI, and GenAI technologies.
Contribute to the development and delivery of cybersecurity awareness training programs for personnel and teams across TMX Group, tailored to different roles and responsibilities.
Assist in the development of security metrics: KRIs and KPIs. Contribute to reports related to the status of cybersecurity within TMX and the execution of risk remediation plans.
Support the implementation and maintenance of data privacy and protection policies and procedures, ensuring compliance with relevant regulations like PIPEDA (Canada), GDPR (EU), and CCPA (California). Assist in conducting data protection impact assessments and data breach response activities.
Risk Management:
Contribute to the development, maturing, and implementation of a third-party risk management program, assessing and managing risks associated with all third-party relationships, including vendor security assessments.
Participate in security incident response planning and contribute to the development and maintenance of incident response procedures.
Note:
Incident response execution is the responsibility of the Information Security Operations team.
Work with business units to integrate cybersecurity considerations into their business resilience plans. Help guide them in establishing and operating adequate plans to ensure business continuity in the face of cyber threats.
Contribute to the development and execution of cybersecurity Table Top Exercises for business units to enhance their preparedness for cyber incidents. Assist in defining the objectives and…
To Search, View & Apply for jobs on this site that accept applications from your location or country, tap here to make a Search: