VENTURE OUTSIDE THE ORDINARY - TMX CAREERS

The TMX group of companies includes leading global exchanges such as the Toronto Stock Exchange, Montreal Exchange, and numerous innovative organizations enhancing capital markets. United as a global team, we’re connecting cross-functionally, traversing industries and geographies, moving opportunity into action, advancing global economic growth, and propelling progress. Through a rich exchange of ideas, meaningful collaboration, and a nimble operating model, we’re powering some of the nation’s most critical systems, fueling capital formation and innovation, bringing increased opportunity to business visionaries, product ingenuity to consumers, and career exploration to our team.

READY TO BE PART OF THE ACTION?

The Information Security Office (ISO) at TMX is responsible for researching, deploying, and maintaining security technologies that support our
defense-in-depth strategy, in accordance with TMX regulations and policy. This includes robust security for our cloud environments,
especially Google Workspace and Google Cloud Platform (GCP).
Reporting to the Senior Manager of Security Operations, we’re seeking a highly motivated and experienced Senior Google Security Analyst to
join our team. Your primary focus will be on ensuring the robust security of Google Workspace, though you’ll also apply your expertise to our
growing Google Cloud Platform (GCP) footprint and ChromeOS devices. This is a pivotal role where you’ll proactively identify threats,
respond to incidents, and continuously enhance our security posture across the entire Google ecosystem.

Leading Google Workspace Security: As the subject matter expert for Google Workspace security, you will administer, optimize, and review all security aspects within the platform. Key initiatives will include:

• Designing and implementing Data Loss Prevention (DLP) rules.
• Managing sophisticated access controls, such as context-aware policies.
• Enhancing phishing, malware, and fraud protection.
• Performing proactive audit log analysis.
• Developing and enforcing robust security policies and configurations for Workspace usage.

ChromeOS Device Security: You will be responsible for creating, maintaining, and enforcing security policies and configurations for our fleet of ChromeOS devices. This includes:

• Overseeing device enrollment and access controls.
• Implementing data protection measures and secure browser settings.
• Leading the integration and management of third-party security tools (e.g., EDR, SIEM, CASB) to enhance endpoint detection and response capabilities.

Securing Google Cloud Platform (GCP): You’ll design, implement, and manage security controls within GCP. Your work will involve:

• Leveraging native services like IAM, VPC Service Controls, and Security Command Center.
• Integrating and managing various third-party security tools.
• Conducting security assessments, reviewing findings, and applying security configurations for efficiency and consistency.

Security Operations & Incident Response: You’ll actively monitor security logs and alerts from both Google Workspace and GCP using our SIEM and SOAR platforms. This includes:

• Participating in incident investigations and refining response playbooks.
• Performing proactive threat hunting across our Google ecosystem to identify and mitigate emerging risks.

Risk Management & Collaboration: You will identify and assess security vulnerabilities across Google Workspace and GCP, collaborating closely with development, operations, and IT teams to prioritize and remediate risks effectively. Staying current with the latest cloud security trends will be key to embedding security best practices throughout our infrastructure.