Senior Cyber Security Engineer - Endpoint Engineering

Work Location: Toronto, Ontario, Canada

Hours: 37.5

Line of Business: Technology Solutions

Pay Details: $91,200 - $136,800 CAD

This role is temporarily eligible for a pay premium above the posted salary range that is reassessed annually. You are encouraged to have an open dialogue with your recruiter who can provide more specific pay details for this role.

The base pay actually offered may vary based upon the candidate's skills and experience, job‑related knowledge, geographic location, and other specific business and organizational needs.

The Protect Platform consists of teams across North America, whose mandate is to protect TD customers, colleagues and shareholders from cyber and financial crimes and fraud. Collectively our businesses lead TD's enterprise‑wide fraud, cyber threat, and technology risk strategies, advance analytics capabilities, and drive operational efficiency to improve governance, oversight and collaboration between fraud management and other functions within the Bank.

Endpoint Protect is part of the broader Security Engineering team of the Protect Platform with the mandate to plan, evaluate, recommend, design, operationalize, and support security solutions. These solutions focus on protecting endpoints, which consist of servers and workstations, in compliance with enterprise and industry standards.

• Guiding and leading various team members with initiatives the Endpoint Protect team is involved with either in a leading or supporting capacity
• Applying your experience and expertise to ensure all TD areas that interact with Endpoint Threat Protection and Automation technologies (eg: EDR, AV, FIM, SOAR, etc.) are implemented correctly and have the necessary capabilities, processes and documentation to operate effectively.
• Contribute to project activities such as: understanding business needs to properly scope and estimate project efforts, identifying risks and recommending mitigation measures, communicating activity status, as well as escalating and communicating possible issues and working with other teams within and outside of security engineering to ensure project goals are being met and any projects you lead continue to make progress.
• Build relationships and support internal teams (eg: Cyber Security Operations, Red / Blue / Hunting Teams, Threat Intelligence) leveraging other Endpoint Threat Protection tools such as the threat intel, breach attack simulation and automation platforms for their team's deliverables
• Partner with Operations to automatically integrate with appropriate tools and processes efficiency improvements via automation (scripting or using software development techniques)
• Leading and participating in changes / updates to infrastructure that may occur outside business hours
• Monitor and control costs associated with your work, which may include contributions to negotiations of third‑party contracts/agreements
• Collaborate with governance and control groups (e.g. regulatory and operational risk, compliance and audit) to provide your subject matter expertise and consult on risk and compliance issues related to Engineering technology and tools.
• Work with technology partners (e.g., Solution Designers and Architects) to research and analyze current state system capabilities and define technology solutions options and recommendations.
• Gain knowledge in own area, stay abreast of technology trends and developments, develop expertise in TD services, applications, infrastructure, analytical tools and techniques, business domains and their products and services.
• Work with vendors to support business case development (consistent with technology requirements and guidelines) including benefits identification, RFI/RFP and service level agreements.
• Coach new or less experienced colleagues and serve as a reference point throughout requirements management life cycle.

• Experience with solution, policy and architecture design along with experience implementing and supporting endpoint security tools, particularly EDR, FIM, Security Automation / Orchestration platforms, Threat intelligence tools / platforms, Breach Attack Simulation platforms and similar:
  • Examples of such tools include (but not limited to): Crowdstrike, Microsoft Defender Platform tools, Symantec DataCentre Security, XSOAR
• Experience leading multi‑team projects and managing project timelines to ensure deliverables are met
• Extensive experience with OS administration and troubleshooting (Windows and Linux; macOS is a plus)
• Knowledge of modern digital architecture (cloud, container, messaging and microservices)
• Proficiency, experience, and sound knowledge of other design activities used to secure systems and networks
• Proficient in troubleshooting application and network issues
• Customer Service in an IT context which includes communications both to technical and non‑technical teams and individuals
• A strong desire to work and learn independently, and able to contribute in a team environment
• Nice to have:
  • Familiarity with operating or developing in Azure, AWS or Google Cloud Compute Platform
  • Technology and Infrastructure (such as): Azure / Azure AD / Active Directory / Networks