Tell us your story. Don’t go unnoticed. Explain why you’re a winning candidate. Think “TD” if you crave meaningful work and embrace change like we do. We are a trusted North American leader that cares about people and inspires them to grow and move forward.
Stay current and competitive. Carve out a career for yourself. Grow with us. Here’s our story: jobs.td.com
Building a World-Class Technology Team at TD
We can’t afford to be boring. Neither can you. The scale and scope of what TD does may surprise you. The rapid pace of change makes it a business imperative for us to be smart and open-minded in the way we think about technology. TD’s technology and business teams become more intertwined as new opportunities present themselves. This new era in banking does not equal boring. Not at TD, anyway.
TD Information Security covers the development and management of security strategies, policies and programs to assess, prioritize, and mitigate business risk with technology controls. Priorities include: mitigating and managing cyber security threats, ensuring systems availability, aligning with global regulatory risk and compliance requirements, managing systems and network complexity, and partnering with businesses for better technology delivery by providing advice on technology controls.
There’s room to grow in all of it.
About This Role
We are looking for someone to develop and implement Technology Controls and Information Security related policies, programs and tools. You will provide specialized expertise and guidance on assessing risks, identifying potential gaps and providing security solutions to mitigate risks and protect TD. You may also participate on projects of moderate to high complexity and provide complex reporting, analysis, and assessments at the functional, business line or enterprise level.
Meaningful work is fueled by meaningful performance and career development conversations with your manager. Here’s some of what you may be asked to perform:
- Guide partners on a broad range of specific Technology Controls and Information Security programs, policies, standards and incidents.
- Conduct risk assessment, required controls definition, control procedure appropriateness, vulnerability assessments and any other relevant areas.
- Lead or contribute to the completion of risk and control design assessments for an assigned business application, business portfolio, and overall enterprise, as well as risk mitigation and remediation plans and remediation strategy.
- Contribute to the definition, development, and oversight of a global security management strategy and framework.
- Ensure technology, processes, and governance are in place to monitor, detect, prevent, and react to both current and emerging technology and security threats against TDBG’s business.
- Develop on-going technology risk reporting, monitoring key trends and defining metrics to regularly measure control effectiveness for own area.
- Adhere to internal policies and procedures, technology control standards, and applicable regulatory guidelines.
- Contribute to the review of internal processes and activities and assist in identifying potential opportunities for improvement.
- Adhere to, advise, oversee, monitor and enforce enterprise frameworks and methodologies that relate to technology controls / information security activities.
- Influence behavior to reduce risk and foster a strong technology risk management culture throughout the enterprise .
What can you bring to TD? Share your credentials, but your relevant experience and knowledge can be just as likely to get our attention. It helps if you have:
- University Degree.
- Information Security Certification / Accreditation an asset.
- 7+ years of relevant experience.
- Expert knowledge of IT security and risk disciplines and practices.
- Advanced knowledge of of organization, technology controls, security and risk issues.
- Demonstrated ability to participate in complex, comprehensive or large projects and initiatives.
- Ability to serve as a lead expert resource in technology controls and information security for project teams, the business, organization and outside vendors.
This role will be focal to define, document, ensure completeness and correctness of implemented technical and process controls related to the technical security controls related to end-point devices implemented or operated in TD Azure Cloud:
- Direct and provide hardening guidance for cloud services from Cloud Service Providers such as Microsoft and Amazon.
- Develop, implement, monitor and enhance data security policies, procedures, and standards related to TD Azure Cloud
- Performing in-depth risk assessments to ensure that the security safeguards and controls are in-line with our security policy and standards
- Review infrastructure design on-premise and on the Cloud (inclusive of container security architecture, data security architecture, network security architecture, and operational security architecture)
- Review the infrastructure & microservices design against different security regulatory, industry, and internal standards such as TD Cloud Control Matrix, NIST, HITRUST CSA Containers’ security guidelines, and identify the necessary security architecture requirements
- Executing on Cloud security engagements during different phases of the lifecycle – assess, design, and implementation. Implementing industry-leading practices around cyber risks and Cloud security
- Create technical and managerial level reports (KPI) and risk assessments for on-premise and Cloud-based applications and infrastructure
- Ensure a “single pane of glass” into end-point controls and full automation of end-point controls in the eco system of TD Azure Cloud is automated from implementation, reporting and remediation perspective
- Research, create, develop, and enforce security policies, standards, and procedures to ensure the protection of the organization’s security and systems as specified by the HITRUST/NIST control framework
Provide IT and business resources guidance in interpreting security compliance requirements and performing application and system security assessments
At TD, we are committed to fostering an inclusive, accessible environment, where all employees and customers feel valued, respected and supported. We are dedicated to building a workforce that reflects the diversity of our customers and communities in which we live and serve. If you require an accommodation for the recruitment/interview process (including alternate formats of materials, or accessible meeting rooms or other accommodation), please let us know and we will work with you to meet your needs.