Sr Infosec Specialist - Cloud Security IAM Specialist

Company Overview

About TD Bank, America's Most Convenient Bank

TD Bank, America's Most Convenient Bank, is one of the 10 largest banks in the U.S., providing more than 8 million customers with a full range of retail, small business and commercial banking products and services at approximately 1,300 convenient locations throughout the Northeast, Mid-Atlantic, Metro D.C., the Carolinas and Florida. In addition, TD Bank and its subsidiaries offer customized private banking and wealth management services through TD Wealth, and vehicle financing and dealer commercial services through TD Auto Finance. TD Bank is headquartered in Cherry Hill, N.J. To learn more, visit www.tdbank.com. Find TD Bank on Facebook at www.facebook.com/TDBank and on Twitter at www.twitter.com/TDBank_US.

TD Bank, America's Most Convenient Bank, is a member of TD Bank Group and a subsidiary of The Toronto-Dominion Bank of Toronto, Canada, a top 10 financial services company in North America. The Toronto-Dominion Bank trades on the New York and Toronto stock exchanges under the ticker symbol "TD". To learn more, visit www.td.com.

Department Overview

Building a World-Class Technology Team at TD

We can't afford to be boring. Neither can you. The scale and scope of what TD does may surprise you. The rapid pace of change makes it a business imperative for us to be smart and open

Job Description

PLEASE REFER TO THE QUALIFICATIONS SECTION FOR SPECIFIC REQUIREMENTS FOR THIS ROLE

About This Role

We are looking for someone to lead and provide sound counsel on development and implementation of significant enterprise-wide Technology Controls and Information Security strategies, policies, programs and tools. As part of this, you'll oversee control and governance activities and identify and assess potential security risks, vulnerabilities that impact highly complex, high-risk businesses or transformational strategic initiatives. You'll have significant exposure to executives and functional stakeholders enterprise-wide if you prove to be the winning candidate.

Meaningful work is fueled by meaningful performance and career development conversations with your manager. Here are the essential job functions of this position:

• Provide technical leadership on a range of specific Technology Controls and Information Security programs, policies, standards and incidents.

• Lead risk assessment, required controls definition, control procedure appropriateness, vulnerability assessments and any other relevant areas.

• Conduct comprehensive risk and control design assessments for an application portfolio, articulate and document impact of control gaps to the business and enterprise-wide, risk mitigation and remediation plans, remediation strategy document or provide information security solutions to address risks.

• Contribute to the definition, development, and oversight of a global security management strategy and framework.

• Ensure technology, processes, and governance are in place to monitor, detect, prevent, and react to both current and emerging security threats against TDBG's business.

• Provide guidance and/or lead on the development of on-going technology risk reporting, monitoring key trends and defining metrics to regularly measure control effectiveness for own area.

• Develop on-going Technology Risk reporting, monitoring key trends and defining metrics to regularly measure control effectiveness for own area.

• Act as primary practice / technical expert and proactively work with technology partners and stakeholders and service/platform owners to ensure all technology security components are integrated into the bank's overall Enterprise Architecture, and any control gaps are addressed.

• Proactively review internal processes and activities and identify opportunities for improvement.

• Adhere to, advise on, oversee, monitor, enforce enterprise frameworks and methodologies related to technology controls and information security activities.

• Influence behavior to reduce risk and foster a strong technology risk management culture throughout the enterprise.

• Remain informed of emerging issues, industry trends and/or relevant changes.

Requirements

PLEASE REFER TO THE QUALIFICATIONS SECTION FOR SPECIFIC REQUIREMENTS FOR THIS ROLE

What can you bring to TD? Share your credentials, but your relevant experience and knowledge can be just as likely to get our attention. Here are the minimum requirements for this position:

• University Degree.

• Information Security Certification / Accreditation an asset.

• 10+ years of relevant experience and are equipped to provide technical leadership to a larger team portfolio.

• Comfortable operating as a technical expert with deep knowledge of IT security and risk disciplines and can foresee issues and identify emerging industry trends.

• Advanced and highly-specialized knowledge of the business, technology controls / security/ risk issues.

• Experience working on high-profile, complex and/or high-risk technology projects with significant impact to the organization.

• Ability to demonstrate technical leadership to a larger team portfolio.

• Must be eligible for employment under regulatory standards applicable to the position.

Qualifications

Following are the preferred qualifications for this role:

Build IAM solution enhancements and Cloud IAM controls, in line with information security standards and industry best practices

Act as an expert in Azure Active Directory Platform Identity and Access Management capabilities and security controls, finalizing Azure AD Identity and Access Management solutions in line with IAM security strategy and standards

IAM lead for establishing federation models with governance based on trust and ABAC

Act as a technical lead for Azure AD Zero Trust components implementation Conditional Access, MS MFA authentication, Azure AD proxy, ADFS to Azure AD migration

Define governance processes and compliance requirements for automated identity and entitlement lifecycle management

Lead in defining privileged access requirements and architectures for cloud environments

Perform security reviews of Azure AD, cloud migration, adoption initiatives, SaaS, cloud-native.

Outline the governance model for identity credentials using automated tooling such as HashiCorp Vault.

Ensure continuous improvement within the IAM security services by introducing and implementing emerging security technologies and practices.

Provide leadership and guidance throughout the project lifecycle, including evaluating business requirements and security technologies, planning technology deployment, mentoring security engineering teams, and soliciting feedback from security operations teams and other internal customers

Provide IAM AD and Azure AD project teams with technical advice, guidance, expertise and risk analysis

Resolve complex IAM and cross-functional technical issues promptly

University degree in Computer Science, Computer Engineering or equivalent in a similar field with 10 years of related work experience

5-7 years of experience designing, managing, maintaining and troubleshooting a Microsoft-oriented Identity and Access environment

A minimum of 2 years of administrator or integrator experience on Microsoft Azure/cloud Identity and access management cybersecurity solutions

Demonstrate experience in establishing architecture, governance and operational models with Attribute Based Access Control access models in enterprise environments with Big Data platforms

Experience with CyberArk and SailPoint platforms

Expert skills designing, implementing and managing the Microsoft Azure AD environment including claims-based authentication, conditional access, Azure AD Connect and password management in medium-size enterprise environments

Solid skills writing moderately complex PowerShell Scripts to enable automation in the Microsoft environment

Demonstrated experience in use case development and test case development and execution

Experience working in Agile and DevOps environments

Proven work experience implementing cloud security models, particularly identity, network and encryption in Azure.

Strong foundation knowledge across Microsoft technology stack, Active Directory, and the Azure security offerings and ability to communicate security and risk-related concepts to key stakeholders

Knowledgeable with IAM industry standards and guidance from NIST, CSA, OASIS (SAML, OAuth), and FICAM

Certified in one of the following areas: CISSP, CCSP, CISM, or MS MC: Azure Security Engineer. AZ-500 (preferred)

Hours

40

Inclusiveness

At TD, we are committed to fostering an inclusive, accessible environment, where all employees and customers feel valued, respected and supported. We are dedicated to building a workforce that reflects the diversity of our customers and communities in which we live in and serve, and creating an environment where every employee has the opportunity to reach their potential.

If you are a candidate with a disability and need an accommodation to complete the application process, email the TD Bank US Workplace Accommodations Program at USWAPTDO@td.com . Include your full name, best way to reach you, and the accommodation needed to assist you with the application process.

EOE/Minorities/Females/Veterans/Individuals with Disabilities/Sexual Orientation/Gender Identity.