TD Bank Cloud Security Infrastructure Specialist in Vienna, Virginia
Cloud Security Infrastructure Specialist
About TD Bank, America's Most Convenient Bank®
TD Bank, America's Most Convenient Bank, is one of the 10 largest banks in the U.S., providing over 9.8 million customers with a full range of retail, small business and commercial banking products and services at more than 1,100 convenient locations throughout the Northeast, Mid-Atlantic, Metro D.C., the Carolinas and Florida. In addition, TD Auto Finance, a division of TD Bank, N.A., offers vehicle financing and dealer commercial services. TD Bank and its subsidiaries also offer customized private banking and wealth management services through TD Wealth®. TD Bank is headquartered in Cherry Hill, N.J. To learn more, visit www.td.com/us . Find TD Bank on Facebook at www.facebook.com/TDBank and on Twitter at www.twitter.com/TDBankUS and www.twitter.com/TDNewsUS .
TD Bank, America's Most Convenient Bank, is a member of TD Bank Group and a subsidiary of The Toronto-Dominion Bank of Toronto, Canada, a top 10 financial services company in North America. The Toronto-Dominion Bank trades on the New York and Toronto stock exchanges under the ticker symbol "TD". To learn more, visit www.td.com .
We offer a competitive salary and benefit program, including: comprehensive, affordable health care through medical, dental, and vision coverage; financial security with life and disability insurance; opportunities to save using health savings and flexible spending accounts; retirement benefits to help prepare for the future; paid time off and work/life benefits to maintain a good balance.
Auto req ID:
Building a World-Class Technology Team at TD
We can't afford to be boring. Neither can you. The scale and scope of what TD does may surprise you. The rapid pace of change makes it a business imperative for us to be smart and open-minded in the way we think about technology. TD's technology and business teams become more intertwined as new opportunities present themselves. This new era in banking does not equal boring. Not at TD, anyway.
TD Information Security covers the development and management of security strategies, policies and programs to assess, prioritize and mitigate business risk with technology controls. Priorities include: mitigating and managing cybersecurity threats, ensuring systems availability, aligning with global regulatory risk and compliance requirements, managing systems and network complexity and partnering with businesses for better technology delivery by providing advice on technology controls.
And there's room to grow in all of it.
United States, US TD Footprint
What can you bring to TD? Share your credentials, but your relevant experience and knowledge can be just as likely to get our attention. Here are the minimum requirements for this position:
Information Security Certification / Accreditation an asset.
7+ years of relevant experience.
Expert knowledge of IT security and risk disciplines and practices.
Advanced knowledge of of organization, technology controls, security and risk issues.
Demonstrated ability to participate in complex, comprehensive or large projects and initiatives.
Ability to serve as a lead expert resource in technology controls and information security for project teams, the business, organization and outside vendors.
Must be eligible for employment under regulatory standards applicable to the position.
About This Role.
We are looking for someone to join us as we develop and implement policies, programs and tools related to TD Technology Controls and Information Security. We'll look to you to help provide specialized expertise and guidance on assessing risks, identifying potential gaps and providing security solutions to mitigate risk and protect TD.
You may also be asked to participate in projects of moderate to high complexity and provide complex reporting, analysis, and assessments at the functional, business line or enterprise level.
Meaningful work is fueled by meaningful performance and career development conversations that you'll have with your manager.
What does it entail?
This role is critical for defining, documenting and ensuring the completeness and correctness of implemented technical and process controls related to the technical security controls connected to end-point devices implemented or operated in TD Azure Cloud. More specifically, the Cloud Infrastructure Security Specialist will:
•\tDirect and provide hardening guidance for cloud services from Cloud Service Providers such as Microsoft, Amazon and Google.
•\tDevelop, implement, monitor and enhance data security policies, procedures, and standards related to Azure, AWS and GCP.
•\tPerform in-depth risk assessments to ensure that the security safeguards and controls are aligned with our security policy and standards.
•\tReview infrastructure design on-premises and on the Cloud (inclusive of container security architecture, data security architecture, network security architecture, and operational security architecture).
•\tAssess the infrastructure and microservices design against different security regulatory, industry and internal standards such as TD Cloud Control Matrix, NIST, HITRUST CSA Containers' security guidelines and identify the necessary security architecture requirements.
•\tExecute on Cloud security engagements during different phases of the lifecycle – assess, design and implementation. Implementing industry-leading practices around cyber risks and cloud security.
•\tCreate technical and managerial level reports (KPI) and risk assessments for on-premises and cloud-based applications and infrastructure.
•\tEnsure a "single pane of glass" into end-point controls and full automation of end-point controls in the ecosystem of TD Azure Cloud is automated from implementation, reporting and remediation perspective.
•\tResearch, create, develop and enforce security policies, standards and procedures to ensure the protection of the organization's security and systems as specified by the HITRUST/NIST control framework.
•\tProvide IT and business resources guidance in interpreting security compliance requirements and performing application and system security assessments.
At TD, we are committed to fostering an inclusive, accessible environment, where all employees and customers feel valued, respected and supported. We are dedicated to building a workforce that reflects the diversity of our customers and communities in which we live in and serve, and creating an environment where every employee has the opportunity to reach their potential.
If you are a candidate with a disability and need an accommodation to complete the application process, email the TD Bank US Workplace Accommodations Program at USWAPTDO@td.com . Include your full name, best way to reach you, and the accommodation needed to assist you with the application process.
EOE/Minorities/Females/Veterans/Individuals with Disabilities/Sexual Orientation/Gender Identity.
Connecticut, Delaware, Florida, Maine, North Carolina, New Jersey, New York, South Carolina, TD Footprint
Baltimore City, Charlotte, Cherry Hill, Concord, Fairfield, Greenville, Mount Laurel, New York, Providence, TD Footprint, Wilmington
Preferred Qualifications - Here are the preferred qualifications for this role:
•\tAt least 10 years experience in information technology required.
•\t5+ years of relevant information security and information risk management experience.
•\t3+ years of relevant experience in Azure cloud security, including IaaS, PaaS and SaaS.
•\tKnowledge of cybersecurity concepts, including threats, vulnerabilities, security operations, encryption, boundary defense, auditing, authentication and risk management.
•\tSkilled experience in Azure Cloud Security Architecture and Microservices Security (e.g. Tenant Security, AKS Security, Containers Security, Pod Security, Application Gateway & WAF, Security Groups and VNET Segmentations, Security Analytics, etc.).
•\tKnowledgeable in the dependencies related to end-point security and interaction with other components such as privilege management system, SIEM, SOAR, vulnerability management solution and operating model, PKI/Encryption technology, Firewall/IPS, WAF etc.
•\tUnderstanding the dependencies related to application security best practices such as secure coding, security testing techniques.
•\tFamiliarity of Infrastructure as a Service, Infrastructure as Code and related concepts on Azure Cloud.
•\tWorking knowledge of common and industry standard cloud-native/cloud-friendly authentication mechanisms (OAuth, OpenID, etc.).
•\tExperience and exposure to threat modelling and design reviews to assess security implications and requirements for the introduction of new technologies.
•\tSkilled in representing technical viewpoints to diverse audiences and in making timely and prudent technical risk decisions.
•\tIn-depth understanding in applying native cloud security and monitoring services in the cloud, including network firewalls, access control lists, encryption, auditing and monitoring, alerting, secrets management and compliance scanning.
•\tFamiliarity with IT service management processes and concepts, including change management, incident management, problem management and configuration management
•\tKnowledge of configuration management technologies (i.e., SaltStack and Ansible), Infrastructure Automation Technologies (i.e., Terraform), Containerization and Cloud Orchestration Technologies (i.e., Kubernetes, Dockers), Windows/Linux and related services (i.e., Active Directory, DNS, MSSQL).
•\tExperience implementing and/or supporting a large-scale corporate enterprise solution.
•\tExperience with Azure DevOps and DevOps tooling such as Jenkins, SaltStack, XL Release, Bit Bucket.
•\tWorking knowledge in these following areas: Microsoft PowerShell, Bash scripting, Azure Command-line interface, AquaSec, Azure templates and Azure software infrastructure.
•\tSkilled in full software or systems development life cycle, including requirements analysis, design, integration, testing and implementation.
•\tKnowledge of federal IT and cloud security policies, including FISMA, FedRAMP, NIST 800–53, and DoD Cloud SRG and applying them to the design and implementation of cloud solutions to achieve an authorization to operate (ATO).
•\tComfortable working with enterprise architecture while collaborating with cross-functional teams to implement solutions.
•\tStrong interpersonal and communication skills; ability to work in a team environment
•\tSelf-starter/self-motivated; ability to work independently with minimal direction
•\tTechnical writing experience.
•\tDemonstrate solid understanding and experience with systems automation platforms and technologies.
•\tProven experience in setting up and managing Azure tenancies, Azure policy management and resource management would be a plus.
•\tCompleted large/complex Cloud transformation projects
•\tValid certification such as CompTIA Security+, CISSP, CCSP or CCSK
•\tCompleted projects related to AWS and/or Azure for a private-sector employer
•\tAzure Security Certification
4140 Church Road
TD Bank AMCB
Job Category - Primary:
Job Searches Match:
District of Columbia
$87,000 - $164,000 annually
Federal law prohibits job discrimination based on race, color, sex, sexual orientation, gender identity, national origin, religion, age, equal pay, disability and genetic information.