Information Security Specialist - Toronto, Canada - TD Bank
Description
396970BRTechnology Solutions
Toronto, ON
January 30, 2023
Company Overview
Department Overview
Building a World-Class Technology Team at TD
TD's enterprise Vulnerability Management (VM) capability is managed as part of a multi-team organizational structure known as the VM Platform, which is a centralized organizational structure accountable for the direction, implementation, and effective and continuous delivery of all activities pertaining to the enterprise VM Operating Directive (VMOD).
As a member of the Governance function, the Information Security Specialist supports the VM Platform through operational oversight over all VM Platform functions, including:
- Vulnerability Exception Management & Risk Analysis
- Vulnerability Thematic Problem Analysis
- Vulnerability Policies, Frameworks, Standards, Procedures
- Vulnerability Platform Operational Oversight
- Vulnerability Platform Capability Integrations
As a central point of contact for the VM Platform, the position provides internal TD stakeholders with a dedicated, knowledgeable, and supportive resource in facilitating matters related to vulnerabilities within the TD environment.
This position also provides thought leadership and outcome-oriented approaches to complex VM problems spanning across multiple stakeholders, balancing operational considerations against the objectives of the VM Platform.
Job Description:
About This Role
Key Position Objectives
- Mitigate the risk to TD through the assessment, control, and reporting of exceptions to the enterprise Vulnerability Management operational objectives.
- Leverage data driven insights to identify and maintain a register of operational impediments to the VM Platform's operational objectives, subsequently planning, executing, and driving collaboration and resolution of thematic issues with applicable stakeholders.
- Contribute to the direction of the enterprise VM Platform through the development of supporting vulnerability policies, frameworks, standards, control objectives, guidelines, and operational procedures.
- Contribute to the enterprise Vulnerability Management strategy by facilitating ongoing centralized collaboration and enforcing accountability amongst key VM Platform function leads.
- Support the integration of enterprise vulnerability management capabilities, including technology solutions, governance structures, and supporting processes.
Typical Daily Activities
- Vulnerability & patch exception analysis
- Vulnerability standards, guidelines, process development
- Monthly vulnerability risk scorecards
- Design, coordination, & execution of vulnerability scenarios
- Thematic deep dive tracking & analysis on operational vulnerability impediments
- Internal & external stakeholder engagement (advisory & guidance)
- Monitoring vulnerability regulatory and industry capability changes
Requirements:
What can you bring to TD? Share your credentials, but your relevant experience and knowledge can be just as likely to get our attention.
It helps if you have:
- Strong familiarity with navigating & operating within enterprise size organizations.
- Strong experience in developing and supporting IT risk governance practices.
- Experience defining key security controls and control testing.
- Familiarity & desire to cultivate knowledge related to vulnerability management operations in areas such as:
- vulnerability intelligence,
- vulnerability triage,
- vulnerability remediation.
- Excellent knowledge of cybersecurity industry control standards (e.g. NIST, ISO, CIS).
- Demonstrated understanding of industry vulnerability management standards (e.g. NVD CVSS).
- Familiarity & desire to cultivate knowledge related to:
- Vulnerability scanning tools (e.g. Qualys, Tenable, Rapid7)
- Networking, operating systems (e.g. Unix, Widows, zOS)
- Database systems (e.g. Oracle, SQL Server, Sybase)
- Working knowledge of ServiceNow Security Operations modules (e.g. Vulnerability Response, Configuration Compliance).
- Familiarity with reporting & data visualization methods and tools (e.g. ServiceNow Performance Analytics, MS PowerBI, Tableau).
- Familiarity with various GRC platforms and alternative tracking methods (e.g. SharePoint, Confluence, JIRA).
- Excellent project & time management skills.
Education/Experience (to enter position):
- 4+ years' work experience in a midlarge size organization
- 4+ years' work experience in developing and supporting IT risk governance
- Cybersecurity / IT Risk related certifications (e.g. CRISC, CISSP, CISM)
Join in on what others in TD Technology Solutions are doing:
- Inspire a positive work environment and help champion quality, innovation, teamwork and service to the business.
- Learn voraciously, stretch your thinking,
- #LI-POST
Hours
37.5
Inclusiveness
At TD, we are committed to fostering an
More jobs from TD Bank
-
Product Owner I, Common Services
Toronto, Canada - 1 week ago
-
Treasury Analyst
Toronto, Canada - 3 days ago
-
Td Insurance Operations Officer
Halifax, Canada - 6 days ago
-
Audit Manager Ii
Toronto, Canada - 4 days ago
-
Customer Experience Associate
Belle River, Canada - 1 week ago
-
Customer Experience Associate
Montréal, Canada - 1 week ago