Information Security Specialist - Technical Threat Intelligence Spec
Building a World-Class Technology Team at TD
We can’t afford to be boring. Neither can you. The scale and scope of what TD does may surprise you. The rapid pace of change makes it a business imperative for us to be smart and open-minded in the way we think about technology. TD’s technology and business teams become more intertwined as new opportunities present themselves. This new era in banking does not equal boring. Not at TD, anyway.
TD Information Security covers the development and management of security strategies, policies and programs to assess, prioritize, and mitigate business risk with technology controls. Priorities include: mitigating and managing cybersecuritythreats, ensuring systems availability, aligning with global regulatory risk and compliance requirements, managing systems and network complexity, and partnering with businesses for better technology delivery by providing advice on technology controls.
There’s room to grow in all of it.
About This Role
The Cyber Security Team is responsible for protecting the Bank, customers and employees by mitigating and identifying technologythreats to TD. Development of effective risk management programs help ensure TD’s best-in-class cybersecurity approach. You will provide specialized expertise and guidance on assessing risks, identifying potential gaps and providing security solutions to mitigate risks and protect TD. You may also participate on projects of moderate to high complexity and provide complex reporting, analysis, and assessments at the functional, business line or enterprise level.
Meaningful work is fueled by meaningful performance and career development conversations with your manager. Here are the essential job functions of this position:
- Highly motivated, team-oriented, self-learner, responsible, and focused on exceeding expectations
- Production of regular intelligence products for technical and non-technical audiences
- Strong organizational skills to facilitate management and tracking of large numbers of incidents, events, and intelligence feeds
- Sense of urgency, resourcefulness and enthusiasm in providing analysis, briefings and reports (both written and oral)
- Ability to applyagile methodology & accurate logic and common sense in making decisions
- Ability to protect confidential information and act with a high level of integrity
- Ensure technology, processes, and governance are in place to monitor, detect, prevent, and react to both current and emerging technology and securitythreats against TDBG’s business.
- Develop on-going technologyriskreporting, monitoring key trends and defining metrics to regularly measure control effectiveness for own area.
- Adhere to internal policies and procedures, technology control standards, and applicable regulatory guidelines.
- Contribute to the review of internal processes and activities and assist in identifying potential opportunities for improvement.
- Adhere to, advise, oversee, monitor and enforce enterprise frameworks and methodologies that relate to technology controls / information security activities.
- Influence behavior to reduce risk and foster a strong technologyrisk management culture throughout the enterprise .
Other duties as assigned
• Driving Requirements:
• Travel Requirements:
What can you bring to TD?Share your credentials, but your relevant experience and knowledge can be just as likely to get our attention. Here are the minimum requirements for this position:
- University Degree.
- Information Security Certification / Accreditation an asset.
- 7+ years of relevant experience.
- Expert knowledge of IT security and risk disciplines and practices.
- Advanced knowledge of of organization, technology controls, security and risk issues.
- Demonstrated ability to participate in complex, comprehensive or large projects and initiatives.
- Ability to serve as a lead expert resource in technology controls and information security for project teams, the business, organization and outside vendors.
PreferredQualifications – Here are thepreferredqualifications for this role:
- Prior experience performing cyberthreat hunting in an organization
- Ability to program / write scripts / queries in various languages (python, C / C++, etc) a definite asset.
- Ability to speak, read, write and translate anotherlanguage a definite asset
- Solid understanding of Network and Securityinfrastructure, topology including firewalls, routers, wireless access points, DNS, malware, etc preferred