Engineer II (AI Security Infrastructure Engineer)

Work Location: Toronto, Ontario, Canada

Hours: 37.5

Line of Business: Technology Solutions

Pay Details: $114,000.00 - $136,800.00 CAD

TD is committed to providing fair and equitable compensation opportunities to all colleagues. Growth opportunities and skill development are defining features of the colleague experience at TD. Our compensation policies and practices have been designed to allow colleagues to progress through the salary range over time as they progress in their role. The base pay actually offered may vary based upon the candidate's skills and experience, job-related knowledge, geographic location, and other specific business and organizational needs.

As a candidate, you are encouraged to ask compensation related questions and have an open dialogue with your recruiter who can provide you more specific details for this role.

Drive forward‑looking security strategy and engineering solutions for Generative AI and LLM platforms while specializing in leveraging AI security capabilities to augment and fortify existing enterprise solutions. You will act as a key technical leader, bridging the gap between cutting‑edge AI innovation and core infrastructure security.

This role is primarily focused on researching, evaluating, and conducting proof‑of‑concepts for new security technologies and protocols that protect our assets deployed in Azure, Google Cloud, or On‑Premises. You will focus on high‑impact areas, including Agentic AI protocols (A2A, MCP), API security, Identity and Access Management, and third‑party Integration for LLMs, AI models, and RAG applications.

You will partner closely with AI Development teams to provide essential infrastructure security expertise to support broader security initiatives, as well as the Dev‑Sec‑Ops and Platform Engineering teams to translate successful security PoC's into robust, productive‑ready solutions and infrastructure controls.

Providing AI Security Infrastructure solutions, researching, evaluating, and designing solutions that mitigate gaps in security controls, and support leadership strategy and road maps.

• Advanced Protocol and Application Security – Evaluate and secure emerging standards for multi‑agent workflows, such as the Agent‑to‑Agent (A2A) and Model Context Protocol (MCP). Conduct deep security assessments and validate all infrastructure and connection points for third‑party LLM and RAG applications. Support threat modeling exercises for new AI applications and pipelines to proactively identify design flaws and adversarial attack vectors (e.g., prompt injection paths). Mitigate common AI/ML attacks as outlined by frameworks like OWASP Top 10 for LLM Applications, Mitre Atlas.
• Access, Identity, and Cloud Controls – Define and implement security designs for Identity and Access Management (IAM), specializing in securing non‑human identities, service principles, and cross‑cloud access. Own the security strategy for all AI service consumption, including hardening of API Gateways and securing authentication flows (e.g., OAuth 2.0/OIDC) for model endpoints. Design and PoC the secure storage, injection, and rotation of confidential data (API keys, model weights, database credentials) using solutions like Azure Key Vault and GCP Secret Manager. Establish security configuration baselines and network segmentation (e.g., Private Link, VPC Service Controls) for AI‑specific cloud resources on Azure and GCP.
• Collaboration and Strategy Translation – Provide essential infrastructure security expertise and tooling to support the AI Red Team program, helping them build secure testing environments and validate attack findings. Collaborate with DevOps, Governance, Vulnerability Management, and Platform Engineering partners to translate successful security PoC's and designs into robust, production‑ready solutions and IaC controls.

• Cloud Security Proficiency – Hands‑on experience securing platforms and services in Microsoft Azure and Google Cloud Platform (GCP), with an understanding of hybrid security models.
• Identity & Access – In‑depth knowledge of Identity and Access Management (IAM) concepts, including implementation experience with OAuth 2.0/OIDC and modern token‑based authentication systems.
• API/Application Security – Solid background in designing and testing the security of REST APIs and associated middleware (e.g., API Gateways, WAFs).
• Secrets Management – Practical experience designing or implementing solutions for secure secret storage and retrieval (e.g., Azure Key Vault, GCP Secret Manager, HashiCorp Vault, Hardware Security Modules).
• Programming/Scripting – Ability to script in Python, Go, PowerShell, or similar languages (Python preferred) for tool evaluation, PoC implementation, and security automation scripting.
• Good understanding of AI security frameworks such as OWASP Top 10 for LLM Applications, OWASP API Top 10, Mitre Atlas.
• Good understanding of the end‑to‑end AI lifecycle with proven ability to secure each stage against adversarial attacks and supply chain vulnerabilities.

• Strong understanding of the AI/ML development lifecycle and the unique security risks associated with Generative AI, LLMs, and RAG architectures.
• Familiarity with the security implications of emerging agent collaboration protocols (A2A and MCP).
• Experience with risk assessment, vulnerability research, or threat modeling focused on AI systems.

• 7+ years of progressive experience in Cybersecurity, Cloud Security Engineering, Application Security or AI Security and Automation.
• 2-3+ years machine learning / A.I.
• Excellent written and verbal communication skills, with the ability to articulate complex technical risks and design strategy to both technical teams and non‑technical stakeholders.

• Relevant professional certifications (e.g., Azure Security Engineer Associate, GCP Professional Cloud Security Engineer, CISSP, CCSP).
• Experience securing containerized environments (Kubernetes/AKS/GKE).
• Familiarity with Infrastructure as Code (IaC) tools such as Terraform or Pulumi.

TD is one of the world’s leading global financial institutions and the fifth largest bank in North America by branches. Every day, we deliver legendary customer experiences to over 27 million households and businesses in Canada, the United States and around the world. Our vision is to Be the Better Bank and our purpose to enrich the lives of our customers, communities and colleagues.

Our Total Rewards package includes a base salary, variable compensation, and key plans such as health and wellbeing benefits, savings and retirement programs, paid time off, banking benefits and discounts, career development, and reward and recognition programs.

We’ll reach out to candidates of interest to schedule an interview and will communicate outcomes by email or phone.

Your accessibility is important to us. Please let us know if you’d like accommodations to help us remove barriers throughout the interview process.

Sans Objet