Information Security Specialist

Lieu de travail : Toronto, Ontario, Canada

Horaire : 37.5

Secteur d’activité : Solutions technologiques

Détails de la rémunération: $91,200 - $136,800 CAD

En tant que candidat, nous vous encourageons à poser des questions sur la rémunération et à avoir une conversation franche avec votre recruteur, qui pourra vous fournir des détails plus précis sur ce poste.

Description du poste :

Department Overview

TD Information & Cyber Security covers the development and management of security strategies, policies and programs to assess, prioritize and mitigate business risk with technology controls. Priorities include mitigating and managing cyber security threats, ensuring systems availability, aligning with global regulatory risk and compliance requirements, managing systems and network complexity and partnering with businesses for better technology delivery by providing advice on technology controls.

Enterprise Protect, Governance, Risk & Compliance (GRC) is responsible for providing policies and governance for managing risk across the organization through a set of technology-based standards and controls. The Platforms and Technology Risk Services GRC Product and Process Design Group is responsible for the functional design and business support for the Enterprise Protect GRC platform which includes several technology assessment processes, control exception governance processes and related reporting for the Enterprise and business segments to ensure visibility into current and emerging risks enabling investment decisions and prioritization of risk reduction efforts.

About This Role

Reporting to the Product Owner for the Enterprise Protect GRC solution, the candidate will be a member of a high performing team of Technology and Risk professionals utilizing personal experience and expertise in Technology, Information and Cyber Security risk management to support the review and delivery of high-quality documentation for assessments, control exceptions and support related reporting capabilities. Specific responsibilities include:

• Supporting the analysis of business needs and translating the business needs into requirements for the Archer development team
• Operational support for Archer inquiries from the user community (access request assistance, Archer user report development assistance and general inquiries on Archer)
• Ad-hoc file preparation for bulk updates (i.e. organizational changes, asset realignment, etc.)
• Release testing and business test case preparations
• Lead process definition and design sessions, partnering with Cyber & Technology Risk subject matter experts and the GRC Business Information Security Officer (BISO) leads and subject matter experts
• Provide ad-hoc reporting from Archer on the various modules (assessments, exception management, control standards)
• Development of documentation and training materials to support the existing and new functionality in Archer.
• Lead reviews of internal processes, identify and deliver improvements for efficiency, quality and effectiveness or our products and services
• Provide support for Audit and Regulatory requests associated with the team's governance processes
• Adhere to internal policies and procedures, technology control standards, and applicable regulatory guidelines
• Influence behavior to reduce risk and foster a strong technology risk management culture throughout the enterprise

Job Requirements

• University Degree
• Strong written and verbal communication skills and comfortable communicating at all levels of the organization, strong presentation skills a must
• Must be proficient with technology tools including MS Office, databases and GRC tools (Archer user experience preferred)
• Ability to manage multiple efforts simultaneously, strong project management, reporting, and organizational skills
• Demonstrated ability to participate in complex, comprehensive or large projects and initiatives
• Sound knowledge of one or more technology controls or security domains, disciplines, and practices
• Preferred knowledge of financial industry's technology controls and security risk issues
• Strength in prioritizing and managing your own workload to deliver quality results and meet timelines with limited guidance of management
• 7+ years' experience in the area of IT risk and technology and/or information security in a large organization (experience in a high transaction, large/complex/matrix business environment ideally within Financial Services an asset) including Technology and Cyber-security risk analysis
• Business/technology experience with experience collaborating with others in highly matrix, cross-functional environment

Additional Information

Make your mark. Join a dynamic team. Explore new ideas. This is your opportunity to impact the future of banking technology in areas and ways you've never imagined (at a bank)! Visit techjobs.td.com to learn more.