Cloud Information Security Specialist - Toronto, Canada - TD Bank

TD Bank

Verified Company

Toronto, Canada

2 weeks ago

Posted by:

Sophia Lee

beBee Recruiter

Description

Cloud Information Security Specialist - AWS:

BR

Job Category - Primary

Technology Solutions

Work Location
Front Street West Corporate

Employment Type

Regular

City

Toronto

Time Type

Full Time

Province/State

Ontario

Hours

37.5

Workplace Model

Hybrid

Pay Details

Department Overview

Building a World-Class Technology Team at TD
We can't afford to be boring. Neither can you. The scale and scope of what TD does may surprise you.

The rapid pace of change makes it a business imperative for us to be smart and open-minded in the way we think about technology.

TD's technology and business teams become more intertwined as new opportunities present themselves. This new era in banking does not equal boring. Not at TD, anyway.

TD Information Security covers the development and management of security strategies, policies and programs to assess, prioritize, and mitigate business risk with technology controls

Priorities include:

mitigating and managing cyber security threats, ensuring systems availability, aligning with global regulatory risk and compliance requirements, managing systems and network complexity, and partnering with businesses for better technology delivery by providing advice on technology controls.

There's room to grow in all of it.

Job Details

About This Role
We are looking for someone to develop and implement Technology Controls and Information Security related policies, programs and tools.

You will provide specialized expertise and guidance on assessing risks, identifying potential gaps and providing security solutions to mitigate risks and protect TD.

You may also participate on projects of moderate to high complexity and provide complex reporting, analysis, and assessments at the functional, business line or enterprise level.

This role is critical for defining, documenting and ensuring the completeness and correctness of implemented technical and process controls related to the technical security controls for the enablement of Cloud services, tooling, and migration of workloads to the public Cloud.

More specifically, the Cloud Information Security Specialist will:

Direct and provide hardening guidance for cloud services from Cloud Service Providers such as Amazon and Google.
Develop, implement, monitor and enhance data security policies, procedures, and standards related to AWS and GCP.
Work with a team of Cloud Security Professionals where work is assigned via scaled agile methodology and distributed based on priority and skillset of team members.
Perform indepth risk assessments to ensure that the security safeguards and controls are aligned with our security policy and standards.
Review infrastructure design onpremises and on the Cloud (inclusive of container security architecture, data security architecture, network security architecture, and operational security architecture).
Assess the infrastructure and microservices design against different security regulatory, industry and internal standards which are based on NIST, CSA, HITRUST security guidelines and identify the necessary security architecture requirements.
Execute on Cloud security engagements during different phases of the lifecycle assess, design and implementation. Implementing industryleading practices around cyber risks and cloud security.
Contribute to "single pane of glass" of applicable controls and full automation of endpoint controls in the ecosystem of TD's Public Cloud environments is automated from implementation, reporting and remediation perspective.
Research, create, develop and enforce security policies, standards and procedures to ensure the protection of the organization's security and systems as specified by the HITRUST/NIST control framework.

Job Requirements

What can you bring to TD? Share your credentials, but your relevant experience and knowledge can be just as likely to get our attention.

It helps if you have:

At least 710 years experience in information technology required.
5+ years of relevant information security and information risk management experience.
3+ years of relevant experience in Public Cloud Security, including IaaS, PaaS and SaaS.
Familiarity of Infrastructure as a Service, Infrastructure as Code and related concepts on Google Cloud Platform (GCP) or Amazon Web Services (AWS).
Knowledge of cybersecurity concepts, including threats, vulnerabilities, security operations, encryption, boundary defense, auditing, authentication and risk management.
Skilled experience in Cloud Security Architecture and Microservices Security (e.g. Tenant Security, AKS Security, Containers Security, Pod Security, Application Gateway & WAF, Security Groups and VNET Segmentations, Security Analytics, etc.).
Knowledgeable in the dependencies related to endpoint security and interaction with other components such as privilege management system, SIEM, SOAR, vulnerabi