Job Description

Work Location: Toronto, Ontario, Canada
Hours: 37.5
Line of Business: Technology Solutions
Pay Details: $114,000.00 - $136,800.00 CAD
This role is temporarily eligible for a pay premium above the posted salary range that is reassessed annually. You are encouraged to have an open dialogue with your recruiter who can provide more specific pay details for this role.
TD is committed to providing fair and equitable compensation opportunities to all colleagues. Growth opportunities and skill development are defining features of the colleague experience at TD. Our compensation policies and practices have been designed to allow colleagues to progress through the salary range over time as they progress in their role. The base pay actually offered may vary based upon the candidate's skills and experience, job-related knowledge, geographic location, and other specific business and organizational needs.
As a candidate, you are encouraged to ask compensation related questions and have an open dialogue with your recruiter who can provide you more specific details for this role.
:

Drive forward-looking security strategy and engineering solutions for Generative AI and LLM platforms while specializing in leveraging AI security capabilities to augment and fortify existing enterprise solutions. You will act as a key technical leader, bridging the gap between cutting-edge AI innovation and core infrastructure security.
This role is primarily focused on researching, evaluating, and conducting proof-of-concepts for new security technologies and protocols that protect our assets deployed in Azure, Google Cloud, or On-Premises. You will focus on high-impact areas, including Agentic AI protocols (A2A, MCP), API security, Identity and Access Management, and third-party Integration for LLMs, AI models, and RAG applications.
You will partner closely with AI Development teams to provide essential infrastructure security expertise to support broader security initiatives, as well as the Dev-Sec-Ops and Platform Engineering teams to translate successful security PoC's into robust, productive-ready solutions and infrastructure controls.
DETAILED
Key Responsibilities: Research, Evaluation, and Design
This role is primarily focused on providing AI Security Infrastructure solutions, researching, evaluating, and designing solutions that mitigate gaps in security controls, and support leadership strategy and road maps. You will be responsible for conducting proof-of-concepts (PoC's) for new security technologies and protocols, and support hardening efforts to protect our mission-critical assets deployed across Azure, Google Cloud, and On-Premises environments.
1. Advanced Protocol and Application Security
Generative AI Protocols: Evaluate and secure emerging standards for multi-agent workflows, such as the Agent-to-Agent (A2A) and Model Context Protocol (MCP).
Third-Party Security: Conduct deep security assessments and validation of all infrastructure and connection points for third-party LLM and RAG (Retrieval-Augmented Generation) applications.
Threat Modeling: Support threat modeling exercises for new AI applications and pipelines to proactively identify design flaws and adversarial attack vectors (e.g., prompt injection paths).
Mitigation Solutions: Support the design, build, and testing of security controls to mitigate common AI/ML attacks as outlined by frameworks like the OWASP Top 10 for LLM Applications, Mitre Atlas.
2. Access, Identity, and Cloud Controls
IAM Design: Define and implement security designs for Identity and Access Management (IAM), specializing in securing non-human identities, service principles, and cross-cloud access.
API Security: Own the security strategy for all AI service consumption, including hardening of API Gateways and securing authentication flows (e.g., OAuth 2.0/OIDC) for model endpoints.
Secrets Management: Design and PoC the secure storage, injection, and rotation of confidential data (API keys, model weights, database credentials) using solutions like Azure Key Vault and GCP Secret Manager in support of AI Security Infrastructure initiatives.
AI Cloud Hardening: Establish security configuration baselines and network segmentation (e.g., Private Link, VPC Service Controls) for AI-specific cloud resources on Azure and GCP.
3. Collaboration and Strategy Translation
AI Red Team Support: Provide essential infrastructure security expertise and tooling to support the AI Red Team program, helping them build secure testing environments and validate attack findings.
Translation to Production: Collaborate with DevOps, Governance, Vulnerability Management, and Platform Engineering partners to translate successful security PoC's and designs into robust, production-ready solutions and Infrastructure as Code (IaC) controls.
Ideal Candidate Profile
Technical Skills

• Cloud Security Proficiency: Hands-on experience securing platforms and services in Microsoft Azure and Google Cloud Platform (GCP), with an understanding of hybrid security models.
• Identity & Access: In-depth knowledge of Identity and Access Management (IAM) concepts, including implementation experience with OAuth 2.0/OIDC and modern token-based authentication systems.
• API/Application Security: Solid background in designing and testing the security of REST APIs and associated middleware (e.g., API Gateways, WAFs).
• Secrets Management: Practical experience designing or implementing solutions for secure secret storage and retrieval (e.g., Azure Key Vault, GCP Secret Manager, HashiCorp Vault, Hardware Security Modules)
• Programming/Scripting: Ability to script in Python, Go PowerShell, or similar languages (Python preferred) for security tool evaluation, PoC implementation, and security automation scripting.
• Good understanding of AI security frameworks such as OWASP Top 10 for LLM Applications, OWASP API Top 10, Mitre Atlas
• Good understanding of the end-to-end AI lifecycle with proven ability to secure each stage against adversarial attacks and supply chain vulnerabilities

AI and Emerging Protocols

• Strong understanding of the AI/ML development lifecycle and the unique security risks associated with Generative AI, LLMs, and RAG architectures.
• Familiarity with the security implications of emerging agent collaboration protocols (A2A and MCP).
• Experience with risk assessment, vulnerability research, or threat modeling focused on AI systems.

Professional Experience and Education

• 7+ years of progressive experience in Cybersecurity, Cloud Security Engineering, Application Security or AI Security and Automation.
• 2-3+years machine learning / A.I.
• Excellent written and verbal communication skills, with the ability to articulate complex technical risks and design strategy to both technical teams and non-technical stakeholders.

Desired Qualifications (Nice to Have)
Relevant professional certifications (e.g., Azure Security Engineer Associate, GCP Professional Cloud Security Engineer, CISSP, CCSP).
Experience securing containerized environments (Kubernetes/AKS/GKE).
Familiarity with Infrastructure as Code (IaC) tools such as Terraform or Pulumi.
Who We Are:
TD is one of the world's leading global financial institutions and is the fifth largest bank in North America by branches/stores. Every day, we deliver legendary customer experiences to over 27 million households and businesses in Canada, the United States and around the world. More than 95,000 TD colleagues bring their skills, talent, and creativity to the Bank, those we serve, and the economies we support. We are guided by our vision to Be the Better Bank and our purpose to enrich the lives of our customers, communities and colleagues.
TD is deeply committed to being a leader in customer experience, that is why we believe that all colleagues, no matter where they work, are customer facing. As we build our business and deliver on our strategy, we are innovating to enhance the customer experience and build capabilities to shape the future of banking. Whether you've got years of banking experience or are just starting your career in financial services, we can help you realize your potential. Through regular leadership and development conversations to mentorship and training programs, we're here to support you towards your goals. As an organization, we keep growing - and so will you.
Our Total Rewards Package
Our Total Rewards package reflects the investments we make in our colleagues to help them and their families achieve their financial, physical, and mental well-being goals. Total Rewards at TD includes a base salary, variable compensation, and several other key plans such as health and well-being benefits, savings and retirement programs, paid time off, banking benefits and discounts, career development, and reward and recognition programs.
Additional Information:
We're delighted that you're considering building a career with TD. Through regular development conversations, training programs, and a competitive benefits plan, we're committed to providing the support our colleagues need to thrive both at work and at home.
Please be advised that this job opportunity is subject to provincial regulation for employment purposes. It is imperative to acknowledge that each province or territory within the jurisdiction of Canada may have its own set of regulations, requirements.
Colleague Development
If you're interested in a specific career path or are looking to build certain skills, we want to help you succeed. You'll have regular career, development, and performance conversations with your manager, as well as access to an online learning platform and a variety of mentoring programs to help you unlock future opportunities. Whether you have a passion for helping customers and want to expand your experience, or you want to coach and inspire your colleagues, there are many different career paths within our organization at TD - and we're committed to helping you identify opportunities that support your goals.
Training & Onboarding
We will provide training and onboarding sessions to ensure that you've got everything you need to succeed in your new role.
Interview Process
We'll reach out to candidates of interest to schedule an interview. We do our best to communicate outcomes to all applicants by email or phone call.
Accommodation
Your accessibility is important to us. Please let us know if you'd like accommodations (including accessible meeting rooms, captioning for virtual interviews, etc.) to help us remove barriers so that you can participate throughout the interview process.
We look forward to hearing from you!
Language Requirement (Quebec only): Sans Objet

Skills Required