TD Bank Sr Information Security Analyst - Threat Hunting - Cyber in Alpharetta, Georgia
Auto req ID 190438BR
Job Title Sr Information Security Analyst - Threat Hunting - Cyber
Job Status Full Time
Country United States
District of Columbia
20th & K - Washington
Austin-1300 S Mopac
Colorado Springs-Remote Location
Wilmington - Market Street
Business line TD Bank AMCB
Job Category - Primary Technology Solutions
Job Category(s) Technology Solutions
About TD Bank, America's Most Convenient Bank®
TD Bank, America's Most Convenient Bank, is one of the 10 largest banks in the U.S., providing more than 8 million customers with a full range of retail, small business and commercial banking products and services at approximately 1,300 convenient locations throughout the Northeast, Mid-Atlantic, Metro D.C., the Carolinas and Florida. In addition, TD Bank and its subsidiaries offer customized private banking and wealth management services through TD Wealth®, and vehicle financing and dealer commercial services through TD Auto Finance. TD Bank is headquartered in Cherry Hill, N.J. To learn more, visit www.tdbank.com. at http://www.tdbank.com/ Find TD Bank on Facebook at www.facebook.com/TDBank and on Twitter at www.twitter.com/TDBank_US .
TD Bank, America's Most Convenient Bank, is a member of TD Bank Group and a subsidiary of The Toronto-Dominion Bank of Toronto, Canada, a top 10 financial services company in North America. The Toronto-Dominion Bank trades on the New York and Toronto stock exchanges under the ticker symbol "TD". To learn more, visit www.td.com at http://www.td.com/ .
Building a World-Class, Diverse and Inclusive Technology Team at TD
Technology Risk Management and Information Security (TRMIS) is a group of technology, security and risk professionals in Canada, the U.S. and the U.K., focused on managing a comprehensive program to assess, prioritize, and mitigate business risk with technology controls.
The Cyber Security Team is responsible for protecting the Bank, customers and employees by mitigating and identifying technology threats to TD. Development of effective risk management programs help ensure TD’s best-in-class cyber security approach.
What We Stand For
The TRMIS program is continuously evolving to mitigate risks to the bank, including introducing new initiatives and improved defense. With a layered approach to protect customers, employees and the bank from cyber threats, TD manages, challenges and reviews technology controls for all business applications.
About This Role
Reporting to the Senior Manager, Threat Hunting, the Threat Hunting Analyst is responsible for helping the team in the detection, disruption, and the eradication of threat actors from enterprise networks. The Threat Hunting team will use advanced analytics, threat intelligence, and cutting-edge security technologies to participate in threat actor based investigations, create new detection methodologies, and provide subject matter expertise to incident response and monitoring functions. The Threat Hunting Analyst will also directly support the Cyber Security Operations Center and other internal teams by applying analytic and technical skills to investigate intrusions, identify malicious activity, and potential insider threats.
Here's some of what you may be asked to perform:
• Participate in threat hunting operations using threat intelligence, analysis of anomalous log data and results of brainstorming sessions to detect and mitigate threat actors on the network
• Develop advanced methodologies to identify threat actor groups and associated tools, techniques and procedures
• Produce metrics and develop dashboards to identify potential threats, suspicious/anomalous activity, malware, etc.
• Drive the tuning of detection infrastructure with technology teams to identify emerging threats
• Document best practices to enhance analyst playbooks, response procedures, and courses of action
• Support the Cyber Security Operations Center and other internal teams by applying analytic and technical skills to investigate intrusions, identify malicious activity, and potential insider threats
• Provide guidance and/or lead on the development of on-going Information Security risk reporting monitoring key trends and defining metrics to regularly measure control effectiveness
• Proactively review internal processes and activities and identify opportunities for improvement
• Influence behavior to reduce risk and foster a strong information security management culture throughout the enterprise
• Remain informed of emerging issues, industry trends and/or relevant changes to the security landscape
About This Role
We are looking for someone to join us as we develop and implement policies, programs and tools related to TD Technology Controls and Information Security. We'll look to you to help provide specialized expertise and guidance on assessing risks, identifying potential gaps and providing security solutions to mitigate risks and protect TD. You may also participate on projects of moderate to high complexity and provide complex reporting, analysis, and assessments at the functional, business line or enterprise level.
Meaningful work is fueled by meaningful performance and career development conversations with your manager. Here are the essential job functions of this position:
Guide and advise partners on a broad range of specific Technology Controls and Information Security programs, policies, standards and incidents.
Engage in assessments related to risk, controls, implemented control procedures, vulnerability etc..
Lead or contribute to risk and control design assessments for an assigned business application, business portfolio, and overall enterprise, as well as risk mitigation and remediation plans and remediation strategy.
Actively contribute to the definition, development, and oversight of a global security management strategy and framework.
Ensure technology, processes, and governance are in place to monitor, detect, prevent, and react to both current and emerging technology and security threats to TD.
Develop on-going technology risk reporting, monitoring key trends and defining metrics to measure control effectiveness for your own area.
Apply a teamwork philosophy with technology and partners, service or platform owners to integrate all technology security components and address control gaps.
Consult on regulatory compliance requirements, reporting and questions.
Provide support and consulting for Audits, help compose management responses and appropriate remediation activities.
Participate in computer security incident responses relevant to business (or enterprise wide), represent your respective position to the business while conveying their needs to the incident response team.
Adhere to policies, procedures, technology control standards and regulatory guidelines.
Contribute to internal activity and process review, flag windows for improvement.
Adhere to, advise, oversee, monitor and enforce enterprise frameworks and methodologies related to technology controls / information security activities.
Influence behavior to reduce risk, foster a strong technology risk management culture.
Define, develop, implement and manage standards, policies, procedures, and solutions that mitigate risk and maximize security, service availability, efficiency and effectiveness.
Manage relationships with other technology/business/corporate/control functions.
Assess, identify and escalate issues appropriately.
Other duties as assigned
At least 3-5 years of previous experience working in hunt teams, threat intelligence, incident response, or security operations
Strong working knowledge of security-relevant data, including network protocols, ports and common services, such as TCP/IP network protocols and application layer protocols (e.g. HTTP/S, DNS, FTP, SMTP, Active Directory etc.)
A background in Data Science, Statistics, anomaly detection or similar skills would be an asset
What can you bring to TD? Share your credentials, but your relevant experience and knowledge can be just as likely to get our attention. Here are the minimum requirements for this position:
Information Security Certification / Accreditation an asset.
5-7 years of relevant experience.
Firm commitment to staying informed and abreast of emerging issues, industry trends etc.
Advanced knowledge of one or more technology controls or security domains, disciplines and practices.
Sound to advanced knowledge of business, technology controls, security and risk issues.
Demonstrated ability to participate in projects of moderate to high complexity.
Ability and commitment to serve as a subject matter expert on business-specific, cross-functional and enterprise initiatives.
Readiness to participate in projects of moderate to high complexity and provide complex reporting, analysis, and assessments at the functional, business line or enterprise level.
Qualifications Preferred Qualifications - Here are the preferred qualifications for this role:
Hours Day Hours
At TD, we are committed to fostering an inclusive, accessible environment, where all employees and customers feel valued, respected and supported. We are dedicated to building a workforce that reflects the diversity of our customers and communities in which we live in and serve, and creating an environment where every employee has the opportunity to reach her/his potential.
If you are a candidate with a disability and need an accommodation to complete the application process, email the TD Bank US Workplace Accommodations Program at USWAPTDO@td.com . Include your full name, best way to reach you, and the accommodation needed to assist you with the application process.
EOE/Minorities/Females/Veterans/Individuals with Disabilities/Sexual Orientation/Gender Identity.
**Province/State (Primary) Delaware
City (Primary) Wilmington
ProvState 2 Alabama
City(s) 2 Montgomery
ProvState 3 Colorado
City(s) 3 Colorado Springs
ProvState 4 District of Columbia
City(s) 4 Washington
ProvState 5 Georgia
City(s) 5 Alpharetta
ProvState 6 Texas
City(s) 6 Austin
ProvState 7 Virginia
City(s) 7 Alexandria