Threat Modeling and Attack Surface Specialist - Toronto, Canada - TD Bank


Posted by: Sophia Lee, beBee Recruiter


Description
395847BR

Technology Solutions

Toronto, ON

January 30, 2023

Company Overview

Department Overview


Building a World-Class Technology Team at TD
We can't afford to be boring. Neither can you. The scale and scope of what TD does may surprise you.

The rapid pace of change makes it a business imperative for us to be smart and open-minded in the way we think about technology.

TD's technology and business teams become more intertwined as new opportunities present themselves. This new era in banking does not equal boring. Not at TD, anyway.


TD Information Security covers the development and management of security strategies, policies and programs to assess, prioritize, and mitigate business risk with technology controls.


Priorities include mitigating and managing cyber security threats, ensuring systems availability, aligning with global regulatory risk and compliance requirements, managing systems and network complexity, and partnering with businesses for better technology delivery by providing advice on technology controls.

There's room to grow in all of it.


Job Description:


About This Role

  • As a Cyber-Fraud Threat Modeling and Attack Surface Specialist, you're an expert when it comes to tactics, techniques, and procedures (TTPs) used by threat actors during account-level attacks. Utilizing this knowledge, you will model potential attacks that help ensure customer identity and access management (CIAM) controls are designed, developed, and implemented with security at the forefront. You're also the lead for the TD CIAM Attack Surface Matrix and the SME that connects with other technical resources to ensure we're constantly monitoring and hardening that attack surface.

  • You play a key role in developing hunting scenarios specific to cyberfraud and collaborating with threat hunters across Enterprise Protect during planning and execution.


As a Cyber-Fraud Threat Modeling and Attack Surface Specialist it is your mission to identify what CIAM controls have been missed and utilize your findings to improve existing protection and the overall security posture of TD.

Your work also enables others in the group to surface indications of threat-actor activity during reconnaissance and testing phases before an attack at scale can occur.


In this role you'll be part of a fast-paced team of experts that identifies, investigates, disrupts and prevents attacks targeting the global digital properties of TD.


Meaningful work is fueled by meaningful performance and career development conversations with your manager.

Here's some of what you may be asked to perform:

  • Protect TD Bank and our customers through: prevention and early detection of account-level attacks, customer-empowered security, target hardening, and scalable attack response capabilities.
  • Develop threat models for potential account-level attacks targeting customer identity and access management (CIAM) systems and controls.
  • Continuously maintain the TD CIAM Attack Surface Matrix to support monitoring and hardening of that attack surface.
  • Develop hunting scenarios specific to cyberfraud and collaborate with threat hunters across Enterprise Protect during planning and execution.
  • Assess cyberfraud occurring through TD's digital properties to identify opportunities for improvement in authentication policy logic and other controls without disproportionately affecting legitimate customers.
  • Correctly assess and articulate complex findings based on triage and scope review.
  • Produce and maintain documentation of findings in various formats including: chronology, stakeholder status updates, executive briefing notes, and contributions to post-incident reports.
  • Provide technical guidance in relation to complex cyberfraud incidents.
  • Mentorship of colleagues in security best practices.
  • Convey business and data requirements and support automation of existing manual analysis and testing.
  • Constantly maintain and grow your knowledge of: threat hunting, threat modeling, digital identity proofing, risk-based authentication and authentication logic flaws, bot mitigation, API security best practices, security information and event management (SIEM) tools, and incident management.
  • Maintain the highest professional standards regarding personal conduct while performing work often involving sensitive/confidential information. You must possess the ability to communicate complex information, concepts or ideas in a confident, well-organized and succinct manner.

Requirements:


What can you bring to TD? Share your credentials, but your relevant experience and knowledge can be just as likely to get our attention.


It helps if you have:

  • Three (3) years of experience with security testing (red team or penetration testing), threat hunting, or as a senior SOC analyst with hunting experience, preferably in a financial services environment.
  • Extensive experience with log analysis, knowledge of query structures, and r
