Information Security Specialist - Cyber Threat Management

TD

Toronto

On-site

CAD 91,000 - 137,000

Full time

Today

Job summary

Join a leading financial institution as an Information Security Specialist in Toronto. You will be responsible for detecting and responding to cyber threats, leading investigations, and collaborating with various teams to enhance security measures. This role offers growth opportunities and a competitive salary range.

Qualifications

  • 7+ years of relevant experience in IT security and incident management.
  • Hands-on experience with SIEM, EDR, Firewall, and various operating systems.

Responsibilities

  • Lead cybersecurity incidents and develop containment and recovery plans.
  • Enhance operational security measures and ensure compliance with policies.
  • Guide partners on technology during incidents.

Skills

IT security
Incident management
Communication
Leadership
Data analysis

Education

University degree

Tools

SIEM
EDR
Firewall
WAF
NIDS
Forensics tools

Job description

Position Details

Location: Toronto, Ontario, Canada

Hours: 37.5 hours/week

Line Of Business: Technology Solutions

Salary Range: $91,200 - $136,800 CAD

This role is eligible for discretionary variable compensation that considers performance. TD offers fair and equitable pay, growth opportunities, and skill development. Actual offered salary may vary based on skills, experience, location, and organizational needs. Candidates are encouraged to discuss compensation openly with recruiters.

Job Description

As an Information Security Specialist, you will detect, investigate, and respond to cyber threats targeting TD. You will work within the Cyber Security Incident Response Team (CSIRT), leading investigations, developing detection and hunting techniques, and enhancing incident response capabilities. This role requires deep technical expertise in incident handling, malware investigation, and cyber kill chain analysis. You will collaborate with stakeholders across Protect Platform, ITS, and business teams to reduce risk and improve security posture.

The role involves 24x7 security monitoring operations on a rotating shift schedule, including occasional on-call and weekend support.

Key Responsibilities

  • Guide partners on technology during incidents
  • Lead cybersecurity incidents and events
  • Develop containment and recovery plans for incidents
  • Contribute to security management strategy and framework
  • Ensure monitoring, detection, prevention, and response to threats
  • Enhance operational security measures
  • Adhere to policies, standards, and regulatory guidelines
  • Review and improve internal processes
  • Support enterprise security controls and risk management culture

Minimum Requirements

  • University degree or equivalent experience
  • 7+ years of relevant experience
  • Expertise in IT security and incident management across multiple domains
  • Hands-on experience with SIEM, EDR, XDR, Firewall, WAF, email proxies, NIDS
  • Proficiency with various operating systems (Windows, UNIX, Cloud, Mobile)
  • Advanced scripting and data analysis skills
  • Knowledge of enterprise controls, cybersecurity, and risks
  • Strong communication and leadership skills
  • Ability to lead complex projects and serve as a technology controls expert
  • Eligibility to work under applicable regulatory standards

Preferred Qualifications

  • Experience with network layer 7/application attacks and internet-facing threats
  • Experience as an incident commander or manager
  • Experience briefing executives on cyber incidents
  • Authoring operational playbooks and governance documents
  • Knowledge of security frameworks (NIST, SANS, OWASP, MITRE)
  • Expertise with SIEM and UEBA solutions (Splunk, Azure Sentinel, CrowdStrike, MS Defender, XSOAR)
  • Experience with forensics tools (Encase, Axiom, Autopsy, OSForensics, FTK)
  • Relevant certifications (GIAC, CCNP, CCNA, CISSP, Cloud Security)

About TD

TD is a leading global financial institution, the fifth largest bank in North America, serving over 27 million customers. With over 95,000 colleagues, we are committed to customer experience, innovation, and community support. We offer comprehensive total rewards, including salary, benefits, and development programs.

Additional Information

We support career development through regular conversations, training, and mentoring. Our onboarding ensures you succeed in your role. We accommodate accessibility needs during the hiring process. We look forward to your application!

Other Details

Seniority Level: Mid-Senior level

Employment Type: Full-time

Job Function: Information Technology

Industry: Banking
