Job Description

TD Description

Tell us your story. Don\'t go unnoticed. Explain why you\'re a winning candidate. Think "TD" if you crave meaningful work and embrace change like we do. We are a trusted North American leader that cares about people and inspires them to grow and move forward.

Stay current and competitive. Carve out a career for yourself. Grow with us. Here\'s our story:

Department Overview

Building a World-Class Technology Team at TD

We can\'t afford to be boring. Neither can you. The scale and scope of what TD does may surprise you. The rapid pace of change makes it a business imperative for us to be smart and open-minded in the way we think about technology. TD\'s technology and business teams become more intertwined as new opportunities present themselves. This new era in banking does not equal boring. Not at TD, anyway.

TD Information Security covers the development and management of security strategies, policies and programs to assess, prioritize, and mitigate business risk with technology controls. Priorities include: mitigating and managing cyber security threats, ensuring systems availability, aligning with global regulatory risk and compliance requirements, managing systems and network complexity, and partnering with businesses for better technology delivery by providing advice on technology controls.

There\'s room to grow in all of it.

Job Requirements

What will you need to succeed?

• At least 7-10 years experience in information technology required.
• 5+ years of relevant information security and information risk management experience.
• 3+ years of relevant experience in Public Cloud Security, including IaaS, PaaS and SaaS.
• Familiarity of Infrastructure as a Service, Infrastructure as Code and related concepts on Google Cloud Platform (GCP) or Amazon Web Services (AWS).
• Knowledge of cybersecurity concepts, including threats, vulnerabilities, security operations, encryption, boundary defense, auditing, authentication and risk management.
• Skilled experience in Cloud Security Architecture and Microservices Security (e.g. Tenant Security, AKS Security, Containers Security, Pod Security, Application Gateway & WAF, Security Groups and VNET Segmentations, Security Analytics, etc.).
• Knowledgeable in the dependencies related to end-point security and interaction with other components such as privilege management system, SIEM, SOAR, vulnerability management solution and operating model, PKI/Encryption technology, Firewall/IPS, WAF etc.
• Understanding the dependencies related to application security best practices such as secure coding, security testing techniques.
• Working knowledge of common and industry standard cloud-native/cloud-friendly authentication mechanisms (OAuth, OpenID, etc.).
• Experience and exposure to threat modelling and design reviews to assess security implications and requirements for the introduction of new technologies.
• Skilled in representing technical viewpoints to diverse audiences and in making timely and prudent technical risk decisions.
• In-depth understanding in applying native cloud security and monitoring services in the cloud, including network firewalls, access control lists, encryption, auditing and monitoring, alerting, secrets management and compliance scanning.
• Familiarity with IT service management processes and concepts, including change management, incident management, problem management and configuration management
• Knowledge of configuration management technologies (i.e., SaltStack and Ansible), Infrastructure Automation Technologies (i.e., Terraform), Containerization and Cloud Orchestration Technologies (i.e., Kubernetes, Dockers), Windows/Linux and related services (i.e., Active Directory, DNS, MSSQL).
• Experience implementing and/or supporting a large-scale corporate enterprise solution.
• Experience with DevOps Concepts and DevOps tooling such as Terraform, GitHub, Jenkins, SaltStack, XL Release, Bit Bucket.
• Skilled in full software or systems development life cycle, including requirements analysis, design, integration, testing and implementation.
• Knowledge of federal IT and cloud security policies, including FISMA, FedRAMP, NIST 800-53, and DoD Cloud SRG and applying them to the design and implementation of cloud solutions to achieve an authorization to operate (ATO).
• Comfortable working with enterprise architecture while collaborating with cross-functional teams to implement solutions.
• Strong interpersonal and communication skills; ability to work in a team environment
• Self-starter/self-motivated; ability to work independently with minimal direction
• Technical and business writing experience.
• Demonstrate solid understanding and experience with systems automation platforms and technologies.
• Proven experience in setting up and managing AWS and/or GCP tenancies, GCP and/or AWS accounts, and resource management would be a plus.
• Ability to articulate complex technical risk information into easy to understand business terms.
• Experience preparing and presenting material to C-Suite audiences would be an asset.

Hours

37.5



About This Role

This role is critical for defining, documenting and ensuring the completeness and correctness of implemented technical and process controls related to the technical security controls connected to end-point devices implemented or operated in Public Cloud. More specifically, the Cloud Infrastructure Security Specialist will:

• Direct and provide hardening guidance for cloud services from Cloud Service Providers such as Amazon, SalesForce and Google.
• Develop, implement, monitor and enhance data security policies, procedures, and standards related to AWS and GCP.
• Perform in-depth risk assessments to ensure that the security safeguards and controls are aligned with our security policy and standards.
• Review infrastructure design on-premises and on the Cloud (inclusive of container security architecture, data security architecture, network security architecture, and operational security architecture).
• Assess the infrastructure and microservices design against different security regulatory, industry and internal standards such as TD Cloud Control Matrix, NIST, HITRUST CSA Containers\' security guidelines and identify the necessary security architecture requirements.
• Execute on Cloud security engagements during different phases of the lifecycle - assess, design and implementation. Implementing industry-leading practices around cyber risks and cloud security.
• Create technical and managerial level reports (KPI) and risk assessments for on-premises and cloud-based applications and infrastructure.
• Ensure a "single pane of glass" into end-point controls and full automation of end-point controls in the ecosystem of TD Azure Cloud is automated from implementation, reporting and remediation perspective.
• Research, create, develop and enforce security policies, standards and procedures to ensure the protection of the organization\'s security and systems as specified by the HITRUST/NIST control framework.
• Provide IT and business resources guidance in interpreting security compliance requirements and performing application and system security assessments.

Inclusiveness

At TD, we are committed to fostering an inclusive, accessible environment, where all employees and customers feel valued, respected and supported. We are dedicated to building a workforce that reflects the diversity of our customers and communities in which we live and serve. If you require an accommodation for the recruitment/interview process (including alternate formats of materials, or accessible meeting rooms or other accommodation), please let us know and we will work with you to meet your needs.

Additional Information

Additional Information

Education:

• Bachelor\'s degree in computer science, engineering or a related field or equivalent work experience.

Certifications:

• Completed large/complex Cloud transformation projects
• Valid certification such as CompTIA Security+, CISSP, CCSP or CCSK
• Completed projects related to AWS and/or GCP for a private-sector employer
• AWS or GCP Security Certification

#tdcybersecurity

Business Line

Corporate

Job Category - Primary

Technology Solutions

Job Category(s)

Technology Solutions

Job Family

Information Security

Time Type

Full Time

Employment Type

Regular

TD Bank