Information Security Specialist- Governance and Control

Tell us your story. Don’t go unnoticed. Explain why you’re a winning candidate. Think “TD” if you crave meaningful work and embrace change like we do. We are a trusted North American leader that cares about people and inspires them to grow and move forward.

Stay current and competitive. Carve out a career for yourself. Grow with us. Here’s our story: jobs.td.com

Department Overview

Building a World-Class Technology Team at TD

We can’t afford to be boring. Neither can you. The scale and scope of what TD does may surprise you. The rapid pace of change makes it a business imperative for us to be smart and open-minded in the way we think about technology. TD’s technology and business teams become more intertwined as new opportunities present themselves. This new era in banking does not equal boring. Not at TD, anyway.

TD Information Security covers the development and management of security strategies, policies and programs to assess, prioritize, and mitigate business risk with technology controls. Priorities include: mitigating and managing cyber security threats, ensuring systems availability, aligning with global regulatory risk and compliance requirements, managing systems and network complexity, and partnering with businesses for better technology delivery by providing advice on technology controls.

There’s room to grow in all of it.

Job Description

Job Description

Fraud TS is looking for a Risk Manager to join our team. This individual will help coordinate and support key stakeholders across several teams, and oversee risk related processes, assessments, and risk mitigation/remediation activities for all Fraud TS Application (95+). This individual will have an excellent understanding of TD infrastructure standards, security controls, policies and lifecycle risk management programs (currency management, patch management, configuration management and support maintenance).

• Controls Management:
  • Analyze security control requirements, enterprise standards and associated audit commitments
  • Document, publish and socialize service requirements
  • Establish compliance success metrics and develop interactive reporting dashboards
  • Communicate compliance and risks to stakeholders and senior management

• Risk Management
  • Maintain and execute key risk management processes and provide guidance to supporting network services teams (architecture, engineering, delivery, service management)
  • Track, analyze and report currency, vulnerability/patch and configuration drift compliance risks
  • Conduct compliance criteria assessments (lifecycle milestone date validations, vulnerability risks and exceptions, configuration standards) and socialize with key stakeholders
  • Analyze deployments and configurations; identify and escalate standards non-compliance and/or configuration drift
  • Act as liaison to Enterprise Protect/OCISO, BISO and Enterprise Currency teams
  • Engage risk advisors and governance teams to negotiate exceptions and risk reclassification
  • Minimize operational risk and financial impact associated with currency non-compliance and extended support coverage requirements

• Process and Planning
  • Develop process and implement tooling to track and engage stakeholders to ensure commitment execution (awareness and attestation)
  • Promote and contribute to enhancement of best practice inventory management
  • Risk management process development and pRCSA representation
  • Archer risk assessments, finding creation and status update
  • Representation for risk related audit reviews, action plan development and plan execution oversight

• Collaborate and build effective working relationships with colleagues across technology and the business to achieve business and IT objectives
• Prioritize and manage own workload to deliver quality results and meet timelines
• Support a positive work environment that promotes service, quality, innovation, and teamwork and ensure timely communication of issues/ points of interest
• Participate in knowledge transfer within the team and partners
• Continuously enhance knowledge / expertise in own area and keep current with leading-edge technologies trends
• Identify and recommend opportunities to enhance productivity, effectiveness, and operational efficiency of partners unit and/or team

Requirements

Job Requirements

• University or Post-Graduate Degree
• Strong academic background (e.g. computer science, engineering).
• 7+ years relevant experience (Audit, security and risk disciplines and practices)
• Advanced Knowledge of Organization, technology controls, security and risk issues
• Information Security Certification / Accreditation and asset
• Advanced knowledge of the business and technology standards
• Previous experience in Fraud Technology an assest
• Expert knowledge IT service management frameworks, tools, processes and procedures
• Strong relationship management skills
• Demonstrated ability to assess priorities quickly and adapt as needed
• Management experience within an IT function preferred
• Infrastructure risk program experience preferred (currency, patch management)
• ServiceNow inventory and process automation experience
• Technical network infrastructure build, engineering or architecture experience an asset

• Must be flexible and thrive in an environment of rapid change

Jira experience an asset

Additional Information

Join in on what others in TD Technology Solutions are doing:

• Inspire a positive work environment and help champion quality, innovation, teamwork and service to the business.
• Learn voraciously, stretch your thinking,

#tdcybersecurity

Hours

Inclusiveness

At TD, we are committed to fostering an inclusive, accessible environment, where all employees and customers feel valued, respected and supported. We are dedicated to building a workforce that reflects the diversity of our customers and communities in which we live and serve. If you require an accommodation for the recruitment/interview process (including alternate formats of materials, or accessible meeting rooms or other accommodation), please let us know and we will work with you to meet your needs.


Apply