Trading Technology Security Analyst

Job ID 45925370992 Date posted 03/13/2023

Primary Locations: Toronto, Ontario

Attendance: Hybrid

Location: Toronto

Are you ready to join our team of designers, builders, and integrators of world class trading technology?  Are you motivated by accomplishing remarkable things that have a positive impact and change the world?  As the member of our Electronic Trading Technology Team, you will work with our developers, quants, traders, and technology experts to implement, test, and continuously deliver new features, services and products to our customers.

National Bank of Canada is seeking a Capital Markets oriented Security Analyst to join our Global Electronic Trading Technology Team.

As part of the GETT Team, you will report to the Senior Manager Electronic Trading Technology while working to continuously improve our security posture and services through monitoring, identifying, and correcting security gaps and implementing effective countermeasures.

Job Responsibilities

• Leverage your previous Capital Markets Security design and implementation experience to contribute to securing our trading environment without compromising performance and latency.
• Implement and Monitor alerts for potential security incidents.  Efficiently vet and action requests for information.  This includes, but is not limited to monitoring of real-time channels, tools, dashboards, periodic reports, chat sessions, and tickets.
• Follow incident-specific procedures performing basic triage of potential security incidents to determine their nature, priority and eliminate obvious false positives while processing reports of information as required.
• Escalate potential security incidents to senior analysts and implement countermeasures/mitigating controls when needed.
• Serve as a subject matter expert for all GETT initiatives, contributing to creative and effective security controls as required while maintaining optimal system performance.
• Coordinate within GETT, stakeholders and third-party security service providers to triage alerts, events, or incidents.
• Monitor and analyze GETT Security Information and Event Management (SIEM) to identify security issues for remediation.
• Knowledge of creating Security Information Event Management (SIEM) policy rulesets.  Recognize potential, successful, and unsuccessful intrusion attempts and compromises thorough reviews and analyses of relevant event detail and summary information.
• Create, update, and generally maintain all security related documentation as well as all recording all actions taken in Jira and/or Confluence.
• Oversee and complete penetration tests and phishing exercises as required.
• Represent GETT to our partners within National Bank of Canada as well as the trading industry in General.
• Contribute to the security education and awareness of our team by producing and/or acquiring relevant materials, notices, sessions, and other means on a regular basis.

We want to contribute to your quality of life by offering you as much flexibility as possible in your work. For example, we offer hybrid work (remote and in the office), work schedule arrangements to help you achieve work/life balance and flexible leave that you can take when it’s important to you.

Requirements

• Total experience of 3-6 Years with a minimum of three years in the Capital Markets Information Security / Cybersecurity domain with a focus on security design, event monitoring and analysis.
• Proven track record and experience of the following in an ultra-low latency and highly complex global trading environment:

• Detecting and Analyzing security events domestically, internationally or distributed within our environment.
• Performing triage of potential security incidents
• Certifications: Professional security management certification preferred, such as Certified Intrusion Analyst (GIAC), Continuous Monitoring (GMON), Certified Information Systems Security Professional (CISSP), Certified Ethical Hacker (CEH), Certified Information Security Managers (CISM), Certified Information Systems Auditor (CISA).
• Experience with the technologies including, but not limited to SIEM, IDS/IPS, Network/Host based firewalls, data leakage prevention (DLP).
• Understanding of possible attack activities such as network probing/ scanning, DDOS, malicious code activity, etc.
• Experience scripting in a major language (python/bash/PowerShell)

• Experience with trading and exchange infrastructure including market data and order entry principles.
• CSC and Trading System experience an asset.
• Understanding of common network devices such as routers, switches.
• Understanding of basic networking protocols such as IP, DNS, HTTP.
• Excellent written and verbal communication skills, interpersonal and collaborative skills.
• Strong analytical and problem-solving skills.
• Self-motivated to improve knowledge and skills.
• A strong desire to understand what / why / how of security incidents.

Your benefits:

In addition to competitive compensation, upon hiring you’ll be eligible for a wide range of flexible benefits to help promote your wellbeing and that of your family.

• Health and wellness program, including many options
• Flexible group insurance
• Generous pension plan
• Employee Share Ownership Plan
• Employee and Family Assistance Program
• Preferential banking services
• Initiatives promoting community involvement
• Telemedicine service
• Virtual sleep clinic

These are a few of the benefits available to you. We have an offer that keeps up with trends as well as your needs and those of your family. 

Our dynamic work environments and cutting-edge collaboration tools foster a positive employee experience. We actively listen to employees’ ideas. Whether through our surveys or programs, regular feedback and ongoing communication is encouraged.

We're putting people first : 

We're a bank on a human scale that stands out for its courage, entrepreneurial culture, and passion for people.   Our mission is to have a positive impact on peoples' lives.

Our core values of partnership, agility, and empowerment inspire us, and inclusivity is central to our commitments. We offer a barrier-free workplace that is accessible to all employees. 

We want our recruitment process to be fully accessible. If you require accommodations, feel free to let us know during your first conversations with us.

We welcome all candidates! What can you bring to our team?

Ready to live your ambitions?