Senior Information Security Analyst Senior Information Security Analyst …

TD Bank Group
in Toronto, ON, Canada
Permanent, Full time
Be the first to apply
TD Bank Group
in Toronto, ON, Canada
Permanent, Full time
Be the first to apply
Senior Information Security Analyst
Company Overview

Tell us your story. Don't go unnoticed. Explain why you're a winning candidate. Think "TD" if you crave meaningful work and embrace change like we do. We are a trusted North American leader that cares about people and inspires them to grow and move forward.

Stay current and competitive. Carve out a career for yourself. Grow with us. Here's our story:

Department Overview

Building a World-Class Technology Team at TD

Building a World-Class Technology Team at TD

We can't afford to be boring. Neither can you. The scale and scope of what TD does may surprise you. The rapid pace of change makes it a business imperative for us to be smart and open-minded in the way we think about technology. TD's technology and business teams become more intertwined as new opportunities present themselves. This new era in banking does not equal boring. Not at TD, anyway.

There's room to grow in all of it.

The IT Risk and Control team is part of Canadian Banking, Data & Collections (CBDC) Technology Solutions. Our team provides audit, risk and control assessment, consulting and relationship management for all CBDC TS. We act as the single point of contact for all CBDC TS audits or initiatives originating from our risk partners: ORM, TRMIS, and Internal & External Audit. In addition our assessment team also provides proactive control assessment, monitoring and remediation to ensure management actively manages their risks.

Job Description

About This Role

We are looking for someone to join us as we develop and implement policies, programs and tools related to TD Technology Controls and Information Security. We'll look to you to help provide specialized expertise and guidance on assessing risks, identifying potential gaps and providing security solutions to mitigate risks and protect TD. You may also participate on projects of moderate to high complexity and provide complex reporting, analysis, and assessments at the functional, business line or enterprise level.

Meaningful work is fueled by meaningful performance and career development conversations with your manager. Here's some of what you may be asked to perform:

The successful candidate will be responsible for managing audit engagements and findings, and be responsible for leading initiatives related to the proactive identification and remediation of IT risks within CBDC TS.
Specific responsibilities include:

End-to-End Audit Support and Consulting

  • Act as liaison between internal and external Audit and the client, and co-ordinate audits on behalf of CBDC TS from planning through to remediation
  • Advise and consult on management responses, action plans and remediation activities
  • Evaluate and validate evidence to ensure that control functions will close findings and that risks are mitigated
  • Provide feedback to partners with the objective of closing findings on time and to avoid overdue or repeat findings

Proactive IT Risk and Control Management
Proactively identify IT risks and strengthen IT controls by
  1. working with CBDC TS to analyze, evaluate and verify IT controls, processes and procedures,
  2. documenting self-identified control gaps,
  3. advising and supporting in the development of action plans and compensating controls to eliminate or reduce risks,
  4. tracking, reporting and driving progress of remediation activities
  • Proactively review IT risk control frameworks, processes and procedures looking for opportunities for optimization to increase efficiency and effectiveness and eliminate redundant processes
  • Raise awareness and visibility of IT risk issues that require management focus

  • Keep abreast of emerging trends and issues in information technology.
  • Contribute to building a proactive risk culture
  • Build and maintain positive working relationships by effectively communicating and regularly sharing information, issues/points of interest, learnings and knowledge with the team, internal and external business partners
  • Promote and foster a cohesive team and positive work environment that encourages innovation, creativity and collaboration
  • Support management and other team members in the achievement of individual, divisional and team goals


What can you bring to TD? Share your credentials, but your relevant experience and knowledge can be just as likely to get our attention. It helps if you have:
  • Solid understanding of the concepts and practices of IT risk management, IT process and related controls.
  • Familiarity with the Bank's Technology Risk Management framework and IT Audit process as well as industry best practices
  • Solid understanding and experience with various Systems and Platforms (including Distributed Systems, Unix/Linux, Mainframe, Active Directory)
  • Ability to understand and detect business and technology issues and their impacts
  • Skillful communication (written and verbal), negotiation and partnership skills to balance input but remain objective to reach the right outcome - ability to stay resilient under pressure.
  • Ability to communicate effectively and build good working relationships with diverse groups to identify issues, reach consensus and implement workable solutions
  • Ability to effectively interact with individuals across the organization and at various levels (Technical, Business, Management & Executive).
  • Detailed oriented, strong analytical, organization and problem-solving skills
  • Must be self-motivated, energetic and results-oriented and be committed to adding value to the team
  • Excellent time management skills and a proven ability to meet deadlines and manage multiple tasks
  • Ability to work independently and in teams with minimal supervision
  • Good judgment- ability to determine which issues to escalate vs. to resolve independently, and provide suggestions for possible resolution
  • Strong facilitation skills
  • Experience with MS Office Suite of software (Word, PowerPoint, Visio, Outlook and Sharepoint) with expert working and operational knowledge of MS Excel
  • Experience with ACL (Audit Command Language) an asset
  • Previous audit or risk management experience preferable CISA, CRISC an asset

Additional Information

Join in on what others in TD Technology Solutions are doing:
  • Inspire a positive work environment and help champion quality, innovation, teamwork and service to the business.
  • Learn voraciously, stretch your thinking,




At TD, we are committed to fostering an inclusive, accessible environment, where all employees and customers feel valued, respected and supported. We are dedicated to building a workforce that reflects the diversity of our customers and communities in which we live and serve. If you require an accommodation for the recruitment/interview process (including alternate formats of materials, or accessible meeting rooms or other accommodation), please let us know and we will work with you to meet your needs.