Information Security Specialist - Azure Cloud Security Architect

• Work Location: Toronto, Ontario, Canada
• Hours: 37.5
• Line of Business: Technology Solutions
• Pay Details: $91,200 - $136,800 CAD

Building a World-Class Technology Team at TD

We can't afford to be boring. Neither can you. The scale and scope of what TD does may surprise you. The rapid pace of change makes it a business imperative for us to be smart and open-minded in the way we think about technology. TD's technology and business teams become more intertwined as new opportunities present themselves. This new era in banking does not equal boring. Not at TD, anyway.

TD Information Security covers the development and management of security strategies, policies, and programs to assess, prioritize, and mitigate business risk with technology controls. Priorities include: mitigating and managing cyber security threats, ensuring systems availability, aligning with global regulatory risk and compliance requirements, managing systems and network complexity, and partnering with businesses for better technology delivery by providing advice on technology controls.

There's room to grow in all of it.

The Azure Cloud Security Architect is responsible for designing, implementing, and maintaining secure architectures across Microsoft Azure environments. This role will develop and maintain Security Technical Implementation Guides (STIGs), enforce Azure security standards, and ensure compliance across Azure and associated SaaS integrations. The ideal candidate has hands‑on experience with Azure‑native security services, infrastructure as code (IaC), and continuous compliance scanning.

• Develop and maintain Azure‑specific STIGs and hardening baselines for the Azure Platform and individual services.
• Align configurations with frameworks such as NIST 800‑53, CIS Benchmarks, ISO 27001, and FedRAMP.
• Continuously update guides as Azure features and compliance requirements evolve.
• Design and document secure Azure architectures, including networking, compute, data, and identity components.
• Design security controls supporting zero‑trust principles using Microsoft Entra ID, Conditional Access, and role‑based access control (RBAC).
• Integrate security controls into DevOps pipelines and ensure security configuration of Azure services.
• Collaborate with cloud architects, engineers, developers, and product owners to translate technical designs and practices into assessable and testable content.
• Participate in design reviews to stay informed on evolving architectures and ensure documentation aligns with implementation.
• Support internal and external audits and ensure alignment with enterprise security frameworks.
• Create dashboards and metrics to measure Azure security posture.
• Serve as the organization's Azure security SME and advisor to IT and DevOps teams.
• Mentor technical staff and assist with cross‑training on Azure security technologies, promoting security automation best practices.
• Influence compliance and governance as code operations for infrastructure security including defining security policies across Azure projects and organizations.
• Manage multiple projects and priorities simultaneously in an Agile environment.
• Conduct research on emerging security threats and vulnerabilities and incorporate mitigating security controls into the hardening standards.
• Adhere to, advise, oversee, monitor, and enforce enterprise frameworks and methodologies that relate to technology controls / information security activities.

• University Degree in Computer Science, Cybersecurity, or related field (or equivalent experience).
• Information Security Certification.
• 7+ years in information security with 3+ years focused on Azure security architecture.
• Strong understanding of cloud architecture principles and Azure services (Azure Resource Manager, networking, identity, monitoring, and automation, etc.).
• Proven experience developing and maintaining Security Technical Implementation Guides (STIGs) or equivalent security baselines.
• Hands‑on experience with Infrastructure as Code (IaC) tools (Terraform, Bicep, ARM).
• Experience with Azure Security Benchmarks, CIS controls, and automated compliance monitoring.
• Understanding of hybrid and multi‑cloud architecture patterns.
• Familiarity with SaaS security integrations and Microsoft 365 security ecosystem.
• Strong written and verbal communication skills with the ability to synthesize information from a multitude of resources and compile all relevant information clearly and comprehensively.

• Inspire a positive work environment and help champion quality, innovation, teamwork, and service to the business.
• Learn voraciously and stretch your thinking.

Sans Objet