Senior Information Security Analyst (Attack Surface Reduction) at TD Bank
Singapore, Southeast, Singapore
Full Time


Start Date

Immediate

Expiry Date

02 Aug, 25

Salary

0.0

Posted On

02 May, 25

Experience

10 year(s) or above

Remote Job

Yes

Telecommute

Yes

Sponsor Visa

No

Skills

Security, Endpoint Security, IT, Computer Science, GIAC, Completion, GCIH, Email Security, CISSP, Large Projects, GCIA, CCNA, Malware Analysis, Threat Intelligence, Information Systems, CCNP, Communication Skills, Business Units

Industry

Banking/Mortgage

Description

JOB DESCRIPTION:

Building a World-Class, Diverse and Inclusive Technology Team at TD
We can’t afford to be boring. Neither can you. The scale and scope of what TD does may surprise you. The rapid pace of change makes it a business imperative for us to be smart and open-minded in the way we think about technology. TD’s technology and business teams become more intertwined as new opportunities present themselves. This new era in banking does not equal boring. Not at TD, anyway.
Enterprise Protect – CTM (Cyber Threat Management) team is a group of technology, security and risk professionals in North America and Singapore, focused on managing a comprehensive program to assess, prioritize, and mitigate business risk with technology controls.
The Cyber Security Team is responsible for protecting the Bank, customers, and employees by mitigating and identifying technology threats to TD. Development of effective risk management programs helps ensure TD’s best-in-class cyber security approach.
What We Stand For
The Enterprise Protect program is continuously evolving to mitigate risks to the bank, including introducing new initiatives and improved defense. With a layered approach to protect customers, employees and the bank from cyber threats, TD manages, challenges and reviews technology controls for all business applications.

The Senior Information Security Analyst is responsible for reducing the attack surface across multiple different domains within TD.

  • Identify, triage, analyze and remediate security incidents in real time such as phishing campaigns, other e-mail threats, unauthorized access, and suspicious activities across multiple different domains.
  • Provide expertise and guidance in the detection and mitigation of cyber threats across different domains.
  • Threat analysis and mitigation tasks involving endpoint security, cloud environments, email applications, anti-phishing services, domain monitoring, SIEM usage and risk analysis.
  • Conduct threat hunting for various threats across different attack surfaces.
  • Initiate, coordinate, and prioritize responsibilities and follow through on tasks to completion.
  • Monitor and research cyber threats with a direct or indirect impact to TD assets.
  • Participate on projects of moderate to high complexity to provide complex reporting, analysis and assessments at the functional, business line or enterprise level.
  • Liaise with third party vendors to ensure proper delivery of services.
  • Develop and manage processes to track identified incidents or hunts to resolution.
  • Triage information received from vendors and manage that information through internal workflows.
  • Conduct risk assessment, required controls definition, control procedure appropriateness, vulnerability assessments and any other relevant areas.
  • Adhere to internal policies and procedures, technology control standards, and applicable regulatory guidelines.
  • Contribute to the review of internal processes and activities and assist in identifying potential opportunities for improvement.
  • Other duties as assigned.

KNOWLEDGE AND SKILLS:

  • 7 – 10 years of relevant experience.
  • Expert knowledge of IT security and risk disciplines and practices.
  • Advanced knowledge of organization, technology controls, security, and risk issues.
  • Demonstrated ability to contribute and participate in complex, comprehensive or large projects and initiatives.
  • Knowledge of DMARC/SPF/DKIM, Malware Analysis, Email Security, SIEM platforms, Threat Intelligence and Orchestration Platforms, Endpoint Security, and MITRE TTPs.
  • Highly effective communication skills with the ability to influence stakeholders and business units, experienced in conveying technical concepts to business and non-technical individuals.
  • Strong organizational and self-directing skills. Ability to initiate, coordinate and prioritize responsibilities and follow through on tasks to completion.
  • Must have excellent written, presentation and oral communication skills.
  • Proficient in problem-solving and decision-making skills.
  • Ability to work well under minimal supervision; highly trustworthy, acts with integrity, takes pride in work, seeks to excel, and is curious and adaptable.

BACKGROUND AND EDUCATION:

  • Completion of a Bachelor’s degree or equivalent program in Computer Science, Management Information Systems or similar field is required.
  • Completion of at least one of the following: GIAC (GSEC, GCIH, GCIA, GCFE, GCFA), CCNP, CCNA, CISSP.

WHO WE ARE

TD is one of the world’s leading global financial institutions and is the fifth largest bank in North America by branches/stores. Every day, we deliver legendary customer experiences to over 27 million households and businesses in Canada, the United States and around the world. More than 95,000 TD colleagues bring their skills, talent, and creativity to the Bank, those we serve, and the economies we support. We are guided by our vision to Be the Better Bank and our purpose to enrich the lives of our customers, communities and colleagues.
TD is deeply committed to being a leader in customer experience; that is why we believe that all colleagues, no matter where they work, are customer facing. As we build our business and deliver on our strategy, we are innovating to enhance the customer experience and build capabilities to shape the future of banking. Whether you’ve got years of banking experience or are just starting your career in financial services, we can help you realize your potential. From regular leadership and development conversations to mentorship and training programs, we’re here to support you towards your goals. As an organization, we keep growing – and so will you.
