Job Description

Job Description

PLEASE REFER TO THE QUALIFICATIONS SECTION FOR SPECIFIC ROLE REQUIREMENTS

About This Role

We are looking for someone to develop and implement Technology Controls and Information Security related policies, programs and tools. You will provide specialized expertise and guidance on assessing risks, identifying potential gaps and providing security solutions to mitigate risks and protect TD. You may also participate on projects of moderate to high complexity and provide complex reporting, analysis, and assessments at the functional, business line or enterprise level.

Meaningful work is fueled by meaningful performance and career development conversations with your manager. Here are the essential job functions of this position:

* Guide partners on a broad range of specific Technology Controls and Information Security programs, policies, standards and incidents.
* Conduct risk assessment, required controls definition, control procedure appropriateness, vulnerability assessments and any other relevant areas.
* Lead or contribute to the completion of risk and control design assessments for an assigned business application, business portfolio, and overall enterprise, as well as risk mitigation and remediation plans and remediation strategy.
* Contribute to the definition, development, and oversight of a global security management strategy and framework.
* Ensure technology, processes, and governance are in place to monitor, detect, prevent, and react to both current and emerging technology and security threats against TDBGs business.
* Develop on-going technology risk reporting, monitoring key trends and defining metrics to regularly measure control effectiveness for own area.
* Adhere to internal policies and procedures, technology control standards, and applicable regulatory guidelines.
* Contribute to the review of internal processes and activities and assist in identifying potential opportunities for improvement.
* Adhere to, advise, oversee, monitor and enforce enterprise frameworks and methodologies that relate to technology controls / information security activities.
* Influence behavior to reduce risk and foster a strong technology risk management culture throughout the enterprise .
Other duties as assigned Driving Requirements: Travel Requirements:

Requirements

PLEASE REFER TO THE QUALIFICATIONS SECTION FOR SPECIFIC ROLE REQUIREMENTS

What can you bring to TD? Share your credentials, but your relevant experience and knowledge can be just as likely to get our attention. Here are the minimum requirements for this position:

* University Degree.
* Information Security Certification / Accreditation an asset.
* 7+ years of relevant experience.
* Expert knowledge of IT security and risk disciplines and practices.
* Advanced knowledge of of organization, technology controls, security and risk issues.
* Demonstrated ability to participate in complex, comprehensive or large projects and initiatives.
* Ability to serve as a lead expert resource in technology controls and information security for project teams, the business, organization and outside vendors.
* Must be eligible for employment under regulatory standards applicable to the position.

Qualifications

Preferred Qualifications - Here are the preferred qualifications for this role:

Develop use cases in Cloud SIEM (Azure Sentinel) to detect advanced threats, actor techniques, anomalous or suspicious activity to identify potential and active risks to systems and data.
Participate in creating innovative ways to use a wide range of security event data to advance detection methods and product capability.
Integrate various data streams into SIEM platform, develop and improve correlations between various SIEM platform to enhance detection posture.
Thoroughly document implementations, via technical documentation and playbooks for the client.
Provide input and feedback for existing SIEM Cloud use cases, analyze and propose detection improvements.
Design and drive technical plans toward security analytics management objectives such as: integration of events from cloud/on prem platforms to enterprise SIEM; implementation of use cases/policies; net new security use cases development to support Security Logging & Monitoring/UEBA, account for the effect of the evolving threat space on the overall set of existing security use cases.
Develop and lead work-shopping activities for security use cases development and tuning, processes and playbooks for security event management use cases and security analytics on-boarding/ off-boarding, intake management, requirements analysis, remediation, and reporting.
Categorize SIEM use cases using MITRE ATT&CK; framework, participate on Purple team testing and ensure successful implementation.
Customer facing role Walk thru to white boarding of SIEM use cases development process and implementation planning to stakeholders
Assist on improving security architectures for cloud cloud/hybrid systems.Qualifications:3 to 5 years' work experience in information security, cyber security, data protection or a related field
Minimum of a two-year degree in information protection, computer forensics, computer information systems, computer science, or information systems management.Possess a firm understanding of the capabilities within Amazon Web Services (AWS), GCP, and Microsoft Azure platforms.
Experience with cloud-hosted services, web-based applications, and server/service management feature

Hours

40

Inclusiveness

At TD, we are committed to fostering an inclusive, accessible environment, where all employees and customers feel valued, respected and supported. We are dedicated to building a workforce that reflects the diversity of our customers and communities in which we live in and serve, and creating an environment where every employee has the opportunity to reach their potential.

If you are a candidate with a disability and need an accommodation to complete the application process, email the TD Bank US Workplace Accommodations Program at USWAPTDO@td.com . Include your full name, best way to reach you, and the accommodation needed to assist you with the application process.

EOE/Minorities/Females/Veterans/Individuals with Disabilities/Sexual Orientation/Gender Identity.