Participate in the development of security architecture for financial systems.
Provide security expertise and direction to the project on security architecture and design, software development, operationalization, maintenance, governance, and risk management.
Contribute to portfolio design initiatives by implementation and adoption of security related infrastructure/technology associated with networks, internet, messaging, operating systems, firewalls, VPNs, intrusion detection, cryptography, Wi-Fi, cloud and mobile solutions.
Supports new projects in formulating security requirements.
Provide recommendations on appropriate security technology and controls for new projects, based on best industry practices and TMX security standards.
Represent Information Security in multiple concurrent projects.
Conduct security and risk assessments.
Identify the risks resulting from the lack of compliance with internal controls and the risks related to TMX’s assets, while ensuring that adequate controls are maintained.
Work collaboratively with TMX business and technology teams to identify solutions and actions needed as a result of security and risk assessment issues.
Interface with technology and business-services vendors, to ensure that TMX acquires products and services that adequately protect confidentiality, integrity and availability of TMX informational assets.
Must Have Skills:
3 – 5 years of IT experience, with minimum 2 years in information security architecture.
Undergraduate degree in Computer Science or Engineering. Graduate degree, preferred.
Strong analytical and research skills combined with ability to translate theoretical knowledge into practical solutions to the security problems.
Understanding of security risk management methodologies and frameworks.
Ability to work with technical and non-technical TMX teams to achieve goals and meet deadlines in a fast-paced environment.
Experience in the following areas:
Financial applications and systems architectures.
Financial systems and applications security architecture, design, and review.
Security of service oriented and microservices architectures.
IT infrastructure and network security.
Secure coding practices.
Static and dynamic code reviews.
Security system testing and penetration testing.
Cryptographic techniques and tools.
Single-sign-on and Identity & Access Management techniques and tools.
Security aspects of enterprise application integration.
Ability to determine business impact of technology security vulnerabilities and to communicate it to business and non-technical staff.
NIST and ISO best practices and improvement approaches.
Hi! How can we help you?
Click below button to start chat