Information Security Specialist - IAM RBAC & SOD

Work Location: Toronto, Ontario, Canada

Hours: 37.5

Line of Business: Technology Solutions

Pay Details: $96,900 - $136,800 CAD

TD Bank is seeking an experienced Identity and Access Management specialist to enhance and optimize the organization’s access management framework. The successful candidate will work with internal clients and technology teams to identify and define SOD policies.

• Contribute to SOD Policy creation and maintenance for assigned business applications, articulate and document Segregation of Duties policy requirements in collaboration with application subject matter experts.
• Guide stakeholders within defined parameters related to specific Technology Controls and Information Security programs, policies, standards, and incidents.
• Support development of technology risk reporting, monitoring key trends, and defining metrics to measure control effectiveness for your own area.
• Support technology processes, help launch governance practices to monitor, detect, prevent, and react to current and emerging security threats to TD, specifically within the Workforce Identity and Access Management space.
• Facilitate the Emerging Tech program working with various stakeholders including third party vendors, TD executives and various internal teams.
• Be a subject matter expert in Technology Risk related policies, procedures, technology control standards and regulatory guidelines.
• Apply a teamwork philosophy with technology and partners, service or platform owners to integrate all technology security components and address control gaps.
• Follow and promote relevant enterprise frameworks and methodologies (Agile methodologies including the Next Evolution of Work).
• Research and investigate regulatory compliance requirements, reporting and questions, support the team in resolving compliance, audit and regulatory issues.
• Adhere to policies, procedures, technology control standards and regulatory guidelines.
• Contribute to internal activity and process review, flag windows for improvement.
• Follow relevant enterprise frameworks and methodologies.
• Influence behavior to reduce risk, foster a strong technology risk management culture.
• Assess, identify and escalate issues appropriately where required.
• Contribute to definition of role management and separation of duties business framework and capabilities that align with our access management control standards.
• Interpret internal/external business issues and recommend best practices pertaining to SOD Policies.
• Deliver business services, functions and capabilities that optimize the use of process, technology, and our people, and take advantage of TD’s scale and operating model.

• University Degree or equivalent.
• Information Security Certification / Accreditation is an asset.
• 5-7 years of relevant experience.
• Ability to communicate effectively at all levels of the organization with an emphasis on senior leadership.
• Strong background in access governance and compliance frameworks.
• Experience implementing technology controls to address IAM related risks.
• Deep knowledge of Technology Risks and Controls as well as Risk treatment policies and procedures.
• Deep understanding of Identity and Access Management (IAM) principles.
• Demonstrated ability to succeed in projects of moderate to high complexity.
• Sound knowledge of Microsoft Excel, PowerPoint, SharePoint, Teams, Confluence and Power BI with an enhanced focus on automated reporting and dashboards.
• Experience with enterprise-level IAM platforms and tools including SailPoint.
• Providing complex IAM reporting, analysis, and assessments.

We look forward to hearing from qualified candidates.