Head of Security GRC & Regulatory Assurance

Head of Security GRC & Regulatory Assurance page is loaded## Head of Security GRC & Regulatory Assurancelocations:

Toronto - 100 Adelaide St Wtime type:

Temps pleinposted on:

Publié il y a 21 jour(s)job requisition id:

R-5400**Venture outside the ordinary - TMX Careers**The TMX group of companies includes leading global exchanges such as the Toronto Stock Exchange, Montreal Exchange, and numerous innovative organizations enhancing capital markets.

United as a global team, we’re connecting cross-functionally, traversing industries and geographies, moving opportunity into action, advancing global economic growth, and propelling progress. Through a rich exchange of ideas, meaningful collaboration, and a nimble operating model, we're powering some of the nation's most critical systems, fueling capital formation and innovation, bringing increased opportunity to business visionaries, product ingenuity to consumers, and career exploration to our team.Reporting to the Chief Information Security Officer, the Head, Security Regulatory Compliance is a senior position accountable to ensure that all TMX business units and legal entities meet their cyber security regulatory requirements and manage cyber risk in accordance with the TMX Information Security Policy.

Key Accountabilities●

Works with business heads and the Boards to implement information security services and controls that manage their national and global business and compliance cyber risks●

Advises and reports to heads of TMX Business Units, the Board and the TMX EORC on cyber security regulatory matters and implications of new regulations coming from provincial, federal or international forums (e.g. Bank of Canada’s Expectations for Cyber Resilience for Financial Markets Infrastructures)●

Manages the relationship with key regulators such as Bank of Canada, OSFI, AMF, OSC, other provincial regulators, etc on topics of cyber resilience, and reports on behalf of TMX Business Units on specific compliance requirements

●

Represents TMX in international bodies such as The International Organization of Securities Commissions (IOSCO), The Committee on Payments and Market Infrastructures (CPMI),

international working groups (IWG) set up to implement the Principles for Financial Markets Infrastructures (PFMI) developed under the auspices of the Bank for International Settlements, World Federation of Exchanges (WFE), Working Groups sponsored by IOSCO, etc●

In partnership with business top management, establishes the information security strategy for the business/business partner area in line with their supervisory/regulatory obligations●

Develops and leads the implementation of strategies to reduce the likelihood of regulatory impacts due to non-compliance with the financial institution’s information security policies and standards, including local procedures specific to the business area●

Uses strategic relationships to influence at all levels of the organization●

Acts as primary point of contact and top technical authority for new and upcoming cybersecurity and cyber resiliency regulatory and supervisory requests and, in consultation with business leaders, provides comments on new rules, rules interpretations and guidance●

Works with business units heads to assess and plan for the financial impact and risk management requirements of new cyber-related regulatory requirements●

Develops and maintains a comprehensive understanding of the applicable cyber laws and regulations as well as requirements and resulting controls that enable compliance●

Develops the assessment program to review business areas compliance with cybersecurity regulatory obligations and report to the CISO, CIA and CRO.●

Collaborates with the TMX Legal, Risk and Governance (LRG) department and the Enterprise Risk Management (ERM) department to ensure executive awareness of cyber security regulatory requirements, and to prepare and manage holistic cyber risk reports for the EORC and the Boards.●

Act as primary point of contact within ITSS to respond to TMX clients inquiries about TMX security posture, or TMX response to widely advertised security vulnerabilities that are of concern for TMX clients.

Skills and Experience●

Minimum 20 years of IT experience, of which minimum 10 years are in information security in the financial industry●

Demonstrated extensive knowledge of information security best practices and a specialized understanding of the business areas control and information security environment●

Knowledge of the Canadian cybersecurity and FMI regulations is a must●

Knowledge of the US and global cybersecurity and cyber resilience regulations●

Superior written and oral communication skill to be able to describe technical concepts to both technical and non-technical audiences that include heads of business units, board members, internal and external auditors, provincial and federal regulators●

Ability to work with multiple teams to achieve common goals and meet deadlines in a fast-paced environment●

Can work independently with limited supervision and direction

Nice to Have Skills●

Knowledge of the Canadian Financial Markets

**In the market for…****Excitement** - Explore emerging technology and innovation, as well as ventures and digital finance that shape the future of global markets! Experience the movement of the market while grounded in the stability of close to 200 years of success.**Connection** - With site hubs in some of the world’s most multicultural cities, we leverage our size and structure to create rich connections and belonging while experiencing powerful global impact through our work.**Impact** - More than a platform, we use our talents to power mission-critical systems that drive global economic advancement, innovation, and growth. As well, our employee-led *Team Impact* spreads social good via our giving strategy.**Wellness** - From empathetic leadership to a culture of flexibility and balance, we believe wellness at work creates the maximum yield and a stronger “we”. Plus, with a cloud-first and hybrid workstyle, as well as generous time-off and leaves, we support a life well lived! **Growth** - From a growth mindset in our work, to expansion in our business, TMX is home to action-takers energized by the achievement of ambitious growth.*Please note that our company is not currently sponsoring work permit applications and the applicant must be authorized to work in the country where this position is located.**TMX is committed to creating and sustaining a collegial work environment in which all individuals are treated with dignity and respect and one which reflects the diversity of the community in which we operate. We provide accommodations for applicants and employees who require it*.[](blob:https://tmx.wd3.myworkdayjobs.com/5a59e0c5-531a-49e5-b198-4bdac3bcf551)0:00 / 1:09# **Notre culture:**Les sociétés membres du Groupe TMX comprennent de grandes bourses mondiales comme la Bourse de Toronto et la Bourse de Montréal, ainsi qu’un bon nombre d’organisations innovantes qui améliorent les marchés financiers. Regroupés au sein d’une même équipe, nous nouons des liens interfonctionnels et enjambons les barrières sectorielles et géographiques, désireux de concrétiser des occasions, de contribuer au progrès et de participer à la croissance économique mondiale. Le fourmillement d’idées, la franche collaboration et le modèle d’exploitation agile nous permettent de propulser des systèmes nationaux essentiels, d’alimenter la formation de capital et l’innovation, ainsi que d’offrir une foule de possibilités aux entrepreneurs visionnaires, des produits innovants aux consommateurs et une riche carrière à notre personnel. # **Nos activités:**Le Groupe TMX exploite #J-18808-Ljbffr