Work Location:
Toronto, Ontario, Canada

Hours:
37.5

Line of Business:
Technology Solutions

Pay Details:
$96,900 - $136,800 CAD

TD is committed to providing fair and equitable compensation opportunities to all colleagues. Growth opportunities and skill development are defining features of the colleague experience at TD. Our compensation policies and practices have been designed to allow colleagues to progress through the salary range over time as they progress in their role. The base pay actually offered may vary based upon the candidate's skills and experience, job-related knowledge, geographic location, and other specific business and organizational needs.

As a candidate, you are encouraged to ask compensation related questions and have an open dialogue with your recruiter who can provide you more specific details for this role.

Job Description:

Information Security Specialist: Enterprise Vulnerability Management (EVM) Application Security Advisory Services.

Purpose : Enterprise Vulnerability Management (EVM) manages a strategic, sustainable, and proactive approach to vulnerability management through continuous identification, assessment, reporting, and remediation prioritization of vulnerabilities affecting TD IT assets, with the purpose of mitigating the risk of threat actor exploitation.

People: You will partner with technology stakeholders and service/platform owners, and advise on Technology Controls / Information Security programs, policies, standards, and incidents within your specialized area.

Presence: Your work helps ensure technology, processes, and governance are in place to monitor , detect, prevent, and react to current and emerging security threats, and supports enterprise risk reporting and control effectiveness of metrics.

Job Details - What You'll Do

As an Information Security Specialist within TD Enterprise Vulnerability Management - Application Security Advisory Services , you will play a critical role in strengthening the security of TD applications and enabling delivery teams to remediate risk effectively.

Identify and Reduce Application Risk

• Analyze and identify security vulnerabilities in source code using automated and manual static analysis tools and techniques

• Detect, analyze, and provide remediation guidance for vulnerabilities across multiple programming languages

• Develop and maintain high - quality vulnerability descriptions, business impact statements, and remediation guidance

Enable Secure Software Development

• Train and assist developers in writing secure software and remediating identified vulnerabilities

• Contribute to the development and delivery of secure coding and remediation training

• Research, develop, and recommend open - source tools to support secure code review and application security testing

• Recommend best practices to integrate and automate application security testing throughout the SDLC

Provide Trusted Security Advisory Services

• Provide consultation and advice to partners on t echnology c ontrols, i nformation s ecurity programs, policies, standards, and incidents within your area of expertise

• Conduct project consulting on risk assessment, control definition, control effectiveness, vulnerability assessments, and remediation strategies

• Lead or contribute to risk and control design assessments for application portfolios, clearly documenting control gaps, business impact, and remediation plans

Strengthen Enterprise Controls and Compliance

• Contribute to the definition, development, and oversight of global security management strategies and frameworks

• Ensure technology, processes, and governance are in place to monitor, detect, prevent, and respond to emerging security threats

• Develop ongoing technology risk reporting, track trends, and define metrics to measure control effectiveness

• Consult on regulatory compliance requirements and support audit preparation, management responses, and remediation activities

• Participate in computer security incident response activities, representing the enterprise security position to business stakeholders

Act as an Enterprise Risk Leader

• Adhere to internal policies, technology control standards, and applicable regulatory requirements

• Influence behavior across the organization to reduce risk and foster a strong risk management culture

• Identify emerging risks, industry trends, and regulatory changes, assessing potential impacts to the Bank

• Define, develop, and maintain standards, policies, procedures, and solutions that reduce risk and improve security effectiveness

• Escalate key issues to appropriate stakeholders and participate as a subject - matter expert in enterprise initiatives

Grow the Team and Yourself

• Continuously enhance expertise and stay current with emerging security trends and practices

• Mentor team members and support consistent, high - quality delivery of assessments

• Prioritize and manage workload to meet timelines and deliver quality outcomes

• Build strong relationships across technology, business, and control partners

• Support knowledge sharing and collaboration within the team and across the organization

Job Requirements - What You Need to Succeed

We're proud to work with a group of diverse colleagues. If you have relevant experience that isn't mentioned below, tell us about it in your resume or cover letter.

Required

• University degree

• 7+ years of relevant experience in information security, technology risk, or related disciplines

• 1+ years of experience in application security , including secure code review, web application penetration testing, or threat modelling

• 1+ years of experience in secure code review / static application security testing

• Detailed understanding of the OWASP Top 10 and CWE Top 25 , with the ability to identify and remediate vulnerabilities in source code

• Working knowledge of ServiceNow

• Strong ability to clearly explain security risk and business impact of application vulnerabilities to technical and non - technical audiences

Preferred

• Information security certification or accreditation (e.g., CISSP, CSSLP, GIAC, or equivalent)

Who We Are:

TD is one of the world's leading global financial institutions and is the fifth largest bank in North America by branches/stores. Every day, we strive to make every interaction, product, and experience remarkably human and refreshingly simple for over 27 million households and businesses in Canada, the United States and around the world. More than 95,000 TD colleagues bring their skills, talent, and creativity to foster deeper relationships, ensure disciplined execution, and build a simpler, faster banking experience. TD is deeply committed to being a leader in client experience, that is why we believe that all colleagues, no matter where they work, are client facing. Together, we are reimagining what banking can be for our clients, colleagues and communities.

Our Total Rewards Package
Our Total Rewards package reflects the investments we make in our colleagues to help them and their families achieve their financial, physical, and mental well-being goals. Total Rewards at TD includes a base salary, variable compensation, and several other key plans such as health and well-being benefits, savings and retirement programs, paid time off, banking benefits and discounts, career development, and reward and recognition programs. Learn more

Additional Information:
We're delighted that you're considering building a career with TD. Through regular development conversations, training programs, and a competitive benefits plan, we're committed to providing the support our colleagues need to thrive both at work and at home.

Please be advised that this job opportunity is subject to provincial regulation for employment purposes. It is imperative to acknowledge that each province or territory within the jurisdiction of Canada may have its own set of regulations, requirements.

Colleague Development

If you're interested in a specific career path or are looking to build certain skills, we want to help you succeed. You'll have regular career, development, and performance conversations with your manager, as well as access to an online learning platform and a variety of mentoring programs to help you unlock future opportunities.

If you're passionate about helping clients and building deep, lasting relationships, TD offers diverse career paths where you can grow your expertise and make a meaningful impact.

We're committed to your success and foster a respectful workplace where diverse perspectives are valued, everyone has fair opportunities to grow, and you can unlock your full potential to achieve your career goals. Here at TD, we hire and develop the best.

Training & Onboarding
We will provide training and onboarding sessions to ensure that you've got everything you need to succeed in your new role.

Interview Process
We'll reach out to candidates of interest to schedule an interview. We do our best to communicate outcomes to all applicants by email or phone call.

Accommodation
Your accessibility is important to us. Please let us know if you'd like accommodations (including accessible meeting rooms, captioning for virtual interviews, etc.) to help us remove barriers so that you can participate throughout the interview process.

We look forward to hearing from you!

Language Requirement (Quebec only):
Sans Objet