TD Bank Information Security Specialist - Third Party Risk Assessment - Cyber in Wilmington, Delaware

Auto req ID 192128BR

Job Title Information Security Specialist - Third Party Risk Assessment - Cyber

Job Status Full Time

Country United States

Province/State Delaware

New Jersey

City1 Wilmington

Mount Laurel

Location Technology Center

Wilmington - Market Street

Business line TD Bank AMCB

Job Category - Primary Technology Solutions

Job Category(s) Technology Solutions

TD Description About TD Bank, America's Most Convenient Bank®

TD Bank, America's Most Convenient Bank, is one of the 10 largest banks in the U.S., providing more than 8 million customers with a full range of retail, small business and commercial banking products and services at approximately 1,300 convenient locations throughout the Northeast, Mid-Atlantic, Metro D.C., the Carolinas and Florida. In addition, TD Bank and its subsidiaries offer customized private banking and wealth management services through TD Wealth®, and vehicle financing and dealer commercial services through TD Auto Finance. TD Bank is headquartered in Cherry Hill, N.J. To learn more, visit www.tdbank.com. at http://www.tdbank.com/ Find TD Bank on Facebook at www.facebook.com/TDBank and on Twitter at www.twitter.com/TDBank_US .

TD Bank, America's Most Convenient Bank, is a member of TD Bank Group and a subsidiary of The Toronto-Dominion Bank of Toronto, Canada, a top 10 financial services company in North America. The Toronto-Dominion Bank trades on the New York and Toronto stock exchanges under the ticker symbol "TD". To learn more, visit www.td.com at http://www.td.com/ .

Department Overview

Building a World-Class Technology Team at TD

We can't afford to be boring. Neither can you. The scale and scope of what TD does may surprise you. The rapid pace of change makes it a business imperative for us to be smart and open-minded in the way we think about technology. TD's technology and business teams become more intertwined as new opportunities present themselves. This new era in banking does not equal boring. Not at TD, anyway.

TD Information Security covers the development and management of security strategies, policies and programs to assess, prioritize, and mitigate business risk with technology controls. Priorities include: mitigating and managing cyber security threats, ensuring systems availability, aligning with global regulatory risk and compliance requirements, managing systems and network complexity, and partnering with businesses for better technology delivery by providing advice on technology controls.

There's room to grow in all of it.

Job Description

About This Role

We are looking for someone to develop and implement Technology Controls and Information Security related policies, programs and tools. You will provide specialized expertise and guidance on assessing risks, identifying potential gaps and providing security solutions to mitigate risks and protect TD. You may also participate on projects of moderate to high complexity and provide complex reporting, analysis, and assessments at the functional, business line or enterprise level.

Meaningful work is fueled by meaningful performance and career development conversations with your manager. Here are the essential job functions of this position:

  • Assisting with the Development of a consistent, agile, and repeatable Third Party Cyber Risk Management Risk Assessment process.

  • On-site and remote Third Party Cyber Risk Assessments including reporting and remediation tracking

  • Apply TD Risk and Control Framework relating to Technology Risk as well as the Operational Risk Methodology.

  • Continually demonstrate initiative and team unity as the Information Security and IT Risk representative for the 3PCRM program

  • Ensuring escalation and notification for Security and IT Risk related issues.

  • Participation as required in support of all strategic objectives established by the Third Party Cyber Risk Management Program Manager.

  • Comprehension of Federal and Industry based regulations as well as alignment to Third Party technology controls.

  • Maintaining the Third Party Inventory and developing the Third Party information repository

  • Vendor Intake engagements

  • Performing Due diligence, Contract Security Schedule Assessments, and Monitoring/Oversight for high-risk third parties

  • Influence behavior to reduce risk and foster a strong technology risk management culture throughout the enterprise .

Other duties as assigned

• Driving Requirements:

• Travel Requirements: Role requires up to 25% travel within Canada and USA

  • #DI

Job Requirements

What can you bring to TD? Share your credentials, but your relevant experience and knowledge can be just as likely to get our attention. Here are the minimum requirements for this position:

  • University Degree.

  • Information Security Certification / Accreditation an asset.

  • 7+ years of relevant experience.

  • Expert knowledge of IT security and risk disciplines and practices.

  • Advanced knowledge of of organization, technology controls, security and risk issues.

  • Demonstrated ability to participate in complex, comprehensive or large projects and initiatives.

  • Ability to serve as a lead expert resource in technology controls and information security for project teams, the business, organization and outside vendors.

Qualifications

Preferred Qualifications - Here are the preferred qualifications for this role:

  • ISSP, CRISC, CISA, CISM, CEH or equivalent certification is preferred

  • Expertise in various technology control domains, such as Access Management, Vulnerability Monitoring, Network Security, Encryption, Change Control, Secure SDLC, Incident Response, Cloud Security, Disaster Recovery, Security Policies etc.

  • Strong understanding of ISO27000 Series, SSAE 16/CSAE 3416/ISAE 3402 SOC reports, PCI DSS, CSA CAIQ, BITS SIG, NIST, and vulnerability/penetration testing reports.

  • Supplier Risk Management experience dealing with high transaction, large/complex/matrix business environment ideally within Financial Services.

  • Deep knowledge of IT security and Risk disciplines and practices.

  • Ability to articulate technology risks in a business-friendly manner along with excellent client engagement/management skills

.

Hours Daytime Hours

Inclusiveness

At TD, we are committed to fostering an inclusive, accessible environment, where all employees and customers feel valued, respected and supported. We are dedicated to building a workforce that reflects the diversity of our customers and communities in which we live in and serve, and creating an environment where every employee has the opportunity to reach her/his potential.

If you are a candidate with a disability and need an accommodation to complete the application process, email the TD Bank US Workplace Accommodations Program at USWAPTDO@td.com . Include your full name, best way to reach you, and the accommodation needed to assist you with the application process.

EOE/Minorities/Females/Veterans/Individuals with Disabilities/Sexual Orientation/Gender Identity.

**Province/State (Primary) Delaware

City (Primary) Wilmington