Senior Security Operations Engineer
TMX Group
- Toronto, ON
- Permanent
- Full-time
Reporting to the Senior Manager of Security Operations, we are seeking a highly skilled Senior Security Engineer to contribute to the design, implementation, and maintenance of the security infrastructure that protects our enterprise. This is an engineering-focused role for a "builder" who loves to work with security technology. Working alongside other senior resources, you will serve as a key contributor to our security toolsets. While you will support incident response and vulnerability management, your primary focus will be on engineering robust, automated, and scalable security solutions.

Key Responsibilities:
- Design & Deploy Security Solutions: Contribute to the architecture, evaluation, proof-of-concept, and deployment of new security technologies.
- Manage & Optimize Security Stack: Collaborate on the full lifecycle of our security toolset, including advanced configuration, tuning, and health monitoring.
- Develop Security Automation: Automate security tasks, processes, and tool integrations. Develop and support SOAR playbooks to streamline security operations.
- Engineer Detections: Research emerging threats and develop custom detection rules, analytics, and correlations within our SIEM and other detection platforms.
- Technical Escalation: Serve as one of our senior technical experts, providing tool-specific analysis and engineering support during complex investigations.
- Create Documentation: Develop and maintain comprehensive architectural diagrams, configuration documentation, and standard operating procedures for our security systems.
- Vulnerability & Patch Management: Assist with the enterprise vulnerability management lifecycle, including routine scanning and coordinating remediation efforts with IT teams.
- Bachelor's degree in Computer Science, Cybersecurity, or a related field, or equivalent practical experience.
- 7+ years of hands-on experience in a Security Engineering role.
- 4+ years of deep technical expertise in administering, implementing, and tuning core security technologies, such as SIEM (e.g., Splunk), EDR (e.g., CrowdStrike), Network Security (Firewalls, WAFs, IDS/IPS, NAC), and vulnerability management tools (e.g., Rapid7, CVM).
- Strong scripting and automation skills with Security Orchestration, Automation, and Response (SOAR) platforms, and experience with APIs.
- Hands-on experience and expertise in Google Workspace (formerly GSuite) security administration and best practices is an asset.
- Solid understanding of network architecture, operating systems (Windows, Linux), and common attack vectors.
- A "builder" mindset with a passion for solving problems with technology and automation.
- Excellent analytical, problem-solving, and communication skills.
- Ability to work both independently and as a vital part of a collaborative team.
- Experience with Infrastructure as Code (IaC) tools like Terraform or Ansible.
- Knowledge of containers and Kubernetes security.
- Experience with AI Security & Governance (e.g., OWASP Top 10 for LLMs, AI DLP, API security, and controls).
- Relevant industry certifications (e.g., CISSP, GSEC, GCIH, or cloud-specific security certs like AWS/Azure Security Specialist).
- Familiarity with compliance frameworks (e.g., SOC 2, ISO 27001, NIST).