Information Security Specialist - Toronto, Canada - TD Bank

TD Bank

Verified Company

Toronto, Canada

1 week ago

Posted by:

Sophia Lee

beBee Recruiter

Description

398875BR

Technology Solutions

Toronto, ON

February 13, 2023

Company Overview

Department Overview

Building a World-Class Technology Team at TD
We can't afford to be boring. Neither can you. The scale and scope of what TD does may surprise you.

The rapid pace of change makes it a business imperative for us to be smart and open-minded in the way we think about technology.

TD's technology and business teams become more intertwined as new opportunities present themselves. This new era in banking does not equal boring. Not at TD, anyway.

TD Information Security covers the development and management of security strategies, policies and programs to assess, prioritize, and mitigate business risk with technology controls

Priorities include:

mitigating and managing cyber security threats, ensuring systems availability, aligning with global regulatory risk and compliance requirements, managing systems and network complexity, and partnering with businesses for better technology delivery by providing advice on technology controls.

There's room to grow in all of it.

Job Description:

About This Role

This role is critical for defining, documenting and ensuring the completeness and correctness of implemented technical and process controls related to the technical security controls connected to end-point devices implemented or operated in Public Cloud.

More specifically, the
Cloud Infrastructure Security Specialist** will:

Direct and provide hardening guidance for cloud services from Cloud Service Providers such as Amazon, SalesForce and Google.
Develop, implement, monitor and enhance data security policies, procedures, and standards related to AWS and GCP.
Perform indepth risk assessments to ensure that the security safeguards and controls are aligned with our security policy and standards.
Review infrastructure design onpremises and on the Cloud (inclusive of container security architecture, data security architecture, network security architecture, and operational security architecture).
Assess the infrastructure and microservices design against different security regulatory, industry and internal standards such as TD Cloud Control Matrix, NIST, HITRUST CSA Containers' security guidelines and identify the necessary security architecture requirements.
Execute on Cloud security engagements during different phases of the lifecycle assess, design and implementation. Implementing industryleading practices around cyber risks and cloud security.
Ensure a "single pane of glass" into endpoint controls and full automation of endpoint controls in the ecosystem of TD Azure Cloud is automated from implementation, reporting and remediation perspective.
Research, create, develop and enforce security policies, standards and procedures to ensure the protection of the organization's security and systems as specified by the HITRUST/NIST control framework.

Requirements:

What will you need to succeed?

At least 710 years experience in information technology required.
5+ years of relevant information security and information risk management experience.
3+ years of relevant experience in Public Cloud Security, including IaaS, PaaS and SaaS.
Familiarity of Infrastructure as a Service, Infrastructure as Code and related concepts on Google Cloud Platform (GCP) or Amazon Web Services (AWS).
Knowledge of cybersecurity concepts, including threats, vulnerabilities, security operations, encryption, boundary defense, auditing, authentication and risk management.
Skilled experience in Cloud Security Architecture and Microservices Security (e.g. Tenant Security, AKS Security, Containers Security, Pod Security, Application Gateway & WAF, Security Groups and VNET Segmentations, Security Analytics, etc.).
Knowledgeable in the dependencies related to endpoint security and interaction with other components such as privilege management system, SIEM, SOAR, vulnerability management solution and operating model, PKI/Encryption technology, Firewall/IPS, WAF etc.
Working knowledge of common and industry standard cloudnative/cloudfriendly authentication mechanisms (OAuth, OpenID, etc.).
Experience and exposure to threat modelling and design reviews to assess security implications and requirements for the introduction of new technologies.
Skilled in representing technical viewpoints to diverse audiences and in making timely and prudent technical risk decisions.
Familiarity with IT service management processes and concepts, including change management, incident management, problem management and configuration management
Knowledge of configuration management technologies (i.e., SaltStack and Ansible), Infrastructure Automation Technologies (i.e., Terraform), Containerization and Cloud Orchestration Technologies (i.e., Kubernetes, Dockers), Windows/Linux and related services (i.e., Active Directory, DNS, MSSQL).
Experience implementing and/or supporting a largescal