SIEM Engineer

The Enterprise SIEM data engineering team is responsible for adhering to the Security Logging and Monitoring standard for the bank, also Governance, compliances, Access control, Automation, and data onboarding of different technologies.

This role will provide expert knowledge of Splunk platform engineering "hands on" for the proposal, data onboarding, and automation. The candidate will possess excellent subject matter expertise over a wide variety of security technologies and collaborate with other engineering teams. The Engineer must be up to date with the latest SIEM (Splunk & Azure Sentinel) security technologies and architecture.

• Enterprise Splunk suite of applications, ITSI, UBA, CRIBL
• Microsoft Security Solutions (Sentinel, etc.)
• Virtualization and Cloud (Azure, Google, AWS)
• Advanced Security Technologies (Monitoring toolset.)

The successful candidate must have demonstrated expert ability to lead a team, drive deliverables, work with leadership on strategy, architect, engineer, design, build, support, and document solutions in these areas of Security Engineering working closely with Business, other Security Engineering teams and the wider Engineering teams to ensure built solutions enhance productivity and add business value.

• Advanced knowledge of Enterprise Splunk applications and robust working experience in Enterprise Splunk administration.
• Must have advance experience with CIM compliance.
• Experience with Azure Cloud platform.
• Expertise with Microsoft Security Solutions.
• Existing knowledge of financial banks technical environment, tools, policies, procedures, and processes.
• Experience with Security as it applies to Cloud Solutions in Highly Virtualized Environments.
• Expert knowledge of Windows and/or RHEL/Unix log formats.
• Proficient knowledge of Python scripting.
• Understanding of network and server log formats.
• Proficiency in Splunk ITSI and UBA is an added advantage.
• Advance dashboard and Alerting skills.
• Advance knowledge of ITS and CRIBL a asset.
• Onboarding API's, DB's, and splunkbase apps.

• Work autonomously on high profile, complex and/or high-risk technology initiatives with significant impact to the organization.
• Expertise in assessing and selecting security tools and solutions that best meet the stated Security need at the Bank.
• Extensive related work experience in building complex Security Engineering Infrastructure solutions with the ability to be a key contributor in a complex and critical environment.
• Experience with security regulatory / compliance requirements.
• Developing and supporting less experienced team members with data onboarding which helps reduce the existing FD queue.
• Responsible for designing, implementing, and leading a Lunch and Learn program to demonstrate the value of existing and new capabilities of the PADE Team across the bank.
• Enforce internal policies to maintain efficiency and responsiveness to demands made by both leadership and internal customers.
• Assist with the management and allocation of staff to meet project goals and deadlines.
• Ability to work with various stakeholders, understand their requirements, design, implement and support the onboarding of their data within targets set.
• Experience in creating high level and technical presentations and communication skills to explain the approach to a varying audience.
• Strong analytical, reasoning, and organizational skills are essential.
• Excellent verbal and written communications skills are essential.
• Ability to establish and maintain effective working relationships with all levels of personnel both internally and externally, e.g., leadership, executives, clients, vendors, and agencies.
• Proven ability to work in a fast-paced environment and manage multiple deadlines and priorities.
• Adapts to new different or changing requirements, quickly grasps new concepts adapts and reflects on lessons learned - comfortable with ambiguity, analyzes and evaluates, defines problem/challenge, identifies alternatives, and makes timely decisions.
• Work closely & collaboratively with Internal Engineering, Deployment & Operations teams to drive design adoption across IT.
• Experience with Vendor Management and coordination concepts from multiple facets of the industry.
• Proven ability to leverage deep subject matter expertise to develop and deploy a vision and help align others to that vision.
• Attention to detail and follow through including the ability to document work.
• Ability to transfer knowledge to fellow team members.
• Ability to make engineering design decisions, efficiently build solutions, solves technical problems, and makes improvements to our systems.
• History of making an impact, developing, and executing on strategies and delivering superior results in both the short and long term.

• The ability to be adaptable and learn new things is critical to this role as we will frequently be called to design, build, and automate technology not currently in TD Bank.
• Highly motivated individual with a track record of successfully implementing security solutions across line of business boundaries.
• Must be able to work with a pool of experts and ensure high levels of service even when the effort crosses organizational boundaries.
• Thrives in a fast-paced environment, managing multiple deadlines and competing priorities.
• Excellent customer service orientation and a professional approach; including ability to interact with all levels across the organization.
• Proven negotiation and influencing abilities, with contract/vendor management experience an asset.
• Strong communicator, with excellent oral, written and presentation skills.

• University, post-graduate degree or 10+ years' experience.
• Splunk certifications.
• ISC Candidate, Certified Cyber Security Professional.
• Strong academic background (e.g., computer science, engineering).
• Certification in one or more of Azure, Splunk Admin, Splunk developer.
• Security +, CISSP, CISM or CISA.

TD is one of the world's leading global financial institutions and is the fifth largest bank in North America by branches/stores. Every day, we deliver legendary customer experiences to over 27 million households and businesses in Canada, the United States and around the world. More than 95,000 TD colleagues bring their skills, talent, and creativity to the Bank, those we serve, and the economies we support. We are guided by our vision to Be the Better Bank and our purpose to enrich the lives of our customers, communities and colleagues.

Our Total Rewards package reflects the investments we make in our colleagues to help them and their families achieve their financial, physical, and mental well-being goals. Total Rewards at TD includes a base salary, variable compensation, and several other key plans such as health and well-being benefits, savings and retirement programs, paid time off, banking benefits and discounts, career development, and reward and recognition programs.

We’re delighted that you’re considering building a career with TD. Through regular development conversations, training programs, and a competitive benefits plan, we’re committed to providing the support our colleagues need to thrive both at work and at home.

Your accessibility is important to us. Please let us know if you’d like accommodations (including accessible meeting rooms, captioning for virtual interviews, etc.) to help us remove barriers so that you can participate throughout the interview process.