Manager of Security Risk Management

Industry: Accounting, Finance & Insurance


5 - 7 years

Posted 79 days ago

This job is no longer available.


Quick Facts

Omaha, Nebraska; Jersey City, New Jersey; St Louis, Missouri

ID# 2018-17292

Regular Full-Time

Manager


To all recruitment agencies: TD Ameritrade does not accept agency resumes. Please do not forward resumes to our job alias, TD Ameritrade employees or any other company location. TD Ameritrade is not responsible for any fees related to unsolicited resumes.

The TDA Security Risk Management (SRM) Group, under the leadership of the Chief Information Security Officer (CISO), is tasked to protect information assets in support of TD Ameritrade business objectives and in conformity with TD Ameritrade policies. The Vulnerability and Threat Management (VTM) Team is a core function of SRM and is tasked with continually improving the security posture of TD Ameritrade through the analysis of vulnerability and threat data, responding appropriately to the results of such analysis, providing security-related guidance, developing security policies and evangelizing security matters throughout the company.

The Manager, Security Risk Manager will manage a program to identify, classify, remediate and mitigate security risks and vulnerabilities throughout the company. Primary responsibilities include management of a risk assessment program, development and review of assessment reports and statistics and briefing of risk findings to company stakeholders.


  • Continually develop and improve security risk assessment methodology
  • Conduct security risk assessments of business processes, technology designs, security controls, technology architectures and product designs
  • Develop risk registers, security questionnaires and surveys to aid in the effective execution of risk assessments
  • Coordinate definition, production and continual improvement of security metrics across technology, security and business units
  • Partner with Security Risk Management peers to analyze and collect risk data and metrics from existing vulnerability, vendor management, project, threat management, and application related processes
  • Develop and maintain effective workflows for the automated collection, storage and reporting of risk data
  • Recommend security controls and/or corrective actions for mitigating technical and business risk
  • Hold recurring meetings with appropriate business groups to report and manage identified security risks
  • Participate in technology and security strategy planning processes to ensure identified risk mitigation is addressed in departmental planning
  • Develop trending reports to identify areas of focus and risk concentration
  • Provide leadership and direction to the team; provide regular coaching and feedback, set and communicate realistic performance goals and provide performance feedback on a regular basis
  • Provide additional training and support based on individual team member’s development needs and goals
  • Set strategic and functional goals that can be communicated at team and individual level to meet team and departmental expectations
  • Effectively communicate the Corporate mission, vision and company Core Values to the team


  • 4-year college degree
  • 5-10 years total experience
  • Bachelor’s degree in a related field and/or a minimum of 7 years of related experience
  • 5+ years of experience in performing risk assessments
  • Experience managing a team
  • An understanding of regulatory requirements: PCI, SOX, HIPAA, ISO 27002 standard
  • Information Security and control certifications preferred (CISSP, CISA, CRISC, etc.)
  • Military education or experience may be considered in lieu of civilian requirements listed
