informatics security analyst
Title posted on CareerBeacon -
Information Security Specialist - Red Team Operator
Posted on
September 20, 2024
by
Employer details
TD Bank
Job details
Work Location:CanadaHours:37.5Line of Business:Technology SolutionsPay Details:We're committed to providing fair and equitable compensation to all our colleagues. As a candidate, we encourage you to have an open dialogue with a member of our HR Team and ask compensation related questions, including pay details for this role.Job Description:Job Description The Information Security Specialist within Assurance Operations is responsible for ensuring technology controls are sufficiently protecting business risk, through the application of the Technology Risk & Control framework, and overseeing security standards, policies and procedures.This role will take the traditional vulnerability assessment and build upon it, acting as "red team" members to evaluate the security of TD's external networks, applications, sensitive internal systems, mobile device application and data coding standards. Our red team testers will need to go beyond the typical enumerating vulnerabilities through scanning and need to look at exploiting issues noted in the scanning, or discovering issues not picked up in security scanning.The Information Security Specialist will,Provide consultation and advice to partners on a broad range Technology Controls / Information Security programs / policies / standards and incidents for own specialized area;Act as a lead expert resource in technology controls / information security for project teams, the business / organization and/or outside vendors;Provide support in the discipline of the Cybersecurity Assurance ProgramParticipate in the development of new cyber security assessment practice servicesSimulates malicious tactics of a motivated adversary with the intent of achieving a specific goal or accessConduct penetration testing for the red team which includes:Network, System, Application, Mobile, traditional web and wireless penetration testingExperience in exploiting web apps and web services security vulnerabilities including cross-site scripting, cross site request forgery, SQL injection, DoS attacks, XML/SOAP, and API attacks.Writing exploit code for local testingHardware HackingSocial EngineeringContribute to the definition, development, and oversight of a global security management strategy and framework;Ensure technology, processes, and governance are in place to monitor, detect, prevent, and react to both current and emerging technology / security threats against TDBG's business;Develop on-going Technology Risk reporting, monitoring key trends and defining metrics to regularly measure control effectiveness for own area;Work proactively with technology partners / stakeholders and service/platform owners to ensure all technology security components are integrated into the bank's overall Enterprise Architecture, and any control gaps are addressed;Consult on Regulatory compliance requirements, reporting and questions;Provide support and consulting in preparation for Audits and in composing management responses and appropriate remediation activities;Participate in computer security incident responses relevant to business (or enterprise wide) and represent respective function and Enterprise position to the business, and business needs to incident response team.Influence behavior to reduce risk and foster a strong technology risk management culture throughout the enterprise;Define / develop / implement / manage standards, policies, procedures, and solutions that mitigate risk and maximize security, availability of service, efficiency and effectiveness;Job RequirementsUniversity Degree.OSCP required7+ years of relevant experience.Expert knowledge of IT security and risk disciplines and practices.Advanced knowledge of organization, technology controls, security and risk issues.Demonstrated ability to participate in complex, comprehensive or large projects and initiatives.Ability to serve as a lead expert resource in technology controls and information security for project teams, the business, organization and out
-
LocationToronto, ON
-
Workplace information
On site
-
SalaryNot available
-
Terms of employment
Permanent employmentFull time
- Start date
Starts as soon as possible
- vacancies
1 vacancy
- Source
CareerBeacon
#2105120
Advertised until
2024-10-19
Important notice: This job posting has been provided by a partner site. Job Bank is not responsible for this content.
Report a problem with this job posting
Thank you for your help!
You will not receive a reply. For enquiries, please contact us.