Tell us your story. Don’t go unnoticed. Explain why you’re a winning candidate. Think “TD” if you crave meaningful work and embrace change like we do. We are a trusted North American leader that cares about people and inspires them to grow and move forward.
Stay current and competitive. Carve out a career for yourself. Grow with us. Here’s our story: jobs.td.com
Building a World-Class Technology Team at TD
We can’t afford to be boring. Neither can you. The scale and scope of what TD does may surprise you. The rapid pace of change makes it a business imperative for us to be smart and open-minded in the way we think about technology. TD’s technology and business teams become more intertwined as new opportunities present themselves. This new era in banking does not equal boring. Not at TD, anyway.
TD Information Security covers the development and management of security strategies, policies and programs to assess, prioritize, and mitigate business risk with technology controls. Priorities include: mitigating and managing cyber security threats, ensuring systems availability, aligning with global regulatory risk and compliance requirements, managing systems and network complexity, and partnering with businesses for better technology delivery by providing advice on technology controls.
There’s room to grow in all of it.
About This Role
Meaningful work is fueled by meaningful performance and career development conversations with your manager. Here’s some of what you may be asked to perform:
- Highly motivated, team-oriented, self-learner, responsible, and focused on exceeding expectations
- Strong organizational skills to facilitate management and tracking of large numbers of activities, findings, requirements and changes.
- Work with other team members and interact with end users to gather requirements, perform troubleshooting, and aid with the creation of Splunk use cases.
- Validate log sources and indexed data, search through indexed data to optimize search criteria, familiar with recognizing and onboarding new data sources into Splunk, analyzing the data for anomalies and trends.
- Add Customer Context, eliminate noise and false positives, and develop trends and data models.
- Sense of urgency, resourcefulness and enthusiasm in providing technical recommendations and solutions
- Ability to apply agile methodology & accurate logic and common sense in recommending technology and systems configuration decisions
- Ability to protect confidential information and act with a high level of integrity
- Diverse knowledge in current and emerging technologies in the space of Security Event Management and Security Analytics in particular
- Demonstrates understanding of the role of technology in business and information protection controls and operational governance as it applies to each functional area
- Ability to recommend and execute implementation activities in compliance with corporate security standards
- High level of confidence and assertiveness in high-pressure situations
- Ability to build strong relationships with and lead teams and individuals without direct reporting relationships
- Ability to quickly analyze large amounts of information and formulate action plans based on that analysis
- Excellent written and oral communications skills and ability to articulate and present information at different levels of technical staff
What can you bring to TD? Share your credentials, but your relevant experience and knowledge can be just as likely to get our attention. It helps if you have:
- 2+ years of experience in performing security event management, security information event management and/or security analytics configuration and management, security use case development and tuning, operational management and administration in either an enterprise SIEM or cloud security environment.
- 2+ years of experience in developing and maintaining SIEM dashboards and/or reports.
- Experience with Systems design and engineering activities such as: solution design drafting, validation and review; solution implementation and configuration in a large enterprise setting, including computing platform, storage tier, networking settings and communication ports, middleware to support platforms and applications, etc.
- Experience with security event management and security analytics operational governance and fundamental processes.
- Design and drive technical plans toward security event management objectives such as: platform and services currency and capacity augmentation, net new log sources on-boarding (inclusive of testing and pre-production acceptance tasks), off-boarding, troubleshooting of in-place configurations to remedy technical issues arising from service interruptions, etc.
- Ability to develop work-shopping materials for activities and processes; run books for security event management and security analytics on-boarding/ off-boarding; intake management, requirements analysis, remediation, and reporting
- Knowledge of enterprise logging, with a focus on security event logging, knowledge of regular expressions.
- Good knowledge of SQL and SPL (Search Processing language).
- Familiar with patch management, vulnerability assessment, TRA and penetration testing processes and related products.
- Familiar with cyber security incident response procedures & industry trends.
- Experience with User Entity Behavior Analytics, Machine Learning and/or Cloud Security logging and monitoring is beneficial.
- Identify problems and understand when to fix or when to mitigate risk.
- Must have solid understanding of Network and Security infrastructure, topology including firewalls, routers, wireless access points, DNS, DHCP, Cloud operations, and Identity and Access Management technologies
- Experience with securing virtual, physical and cloud environments.
- Working Experience with the following technologies: Splunk (preferred), ArcSight, RSA, Securonix, QRadar or equivalent SIEM platforms; MS Azure Security Centre, Microsoft Cloud Application Security, or equivalent cloud security tools
- Professional IT security certification such as CISSP, SANS Certified Intrusion Analyst (GCIA), CompTIA Security+, CEH, GSEC and/or CISM is preferred
- An understanding of regulatory and Controls requirements: PCI, FFIEC, SOX, HIPAA, ISO 2700x, NIST standards
- 3 to 5 years’ work experience in information security, cyber security, data protection or a related field
- Minimum of a two-year degree in information protection, computer forensics, computer information systems, computer science, or information systems management
Join in on what others in TD Technology Solutions are doing:
- Inspire a positive work environment and help champion quality, innovation, teamwork and service to the business.
- Learn voraciously, stretch your thinking, share your knowledge and educate others.
- Communicate and collaborate with both technical and non-technical professionals.
- Cultivate winning relationships by building trust with business and technology partners.
- Share our commitment to productivity, effectiveness and operational efficiency.
- Embrace change and witness amazing things happen – from the inside.
At TD, we are committed to fostering an inclusive, accessible environment, where all employees and customers feel valued, respected and supported. We are dedicated to building a workforce that reflects the diversity of our customers and communities in which we live and serve. If you require an accommodation for the recruitment/interview process (including alternate formats of materials, or accessible meeting rooms or other accommodation), please let us know and we will work with you to meet your needs.