Senior Manager, Threat Hunting - TD Bank
Toronto, ON, Canada

Listing Description

Building a World-Class, Diverse and Inclusive Technology Team at TD

Technology Risk Management and Information Security (TRMIS) is a group of technology, security and risk professionals in Canada, the U.S. and the U.K., focused on managing a comprehensive program to assess, prioritize, and mitigate business risk with technology controls.

The Cyber Security Team is responsible for protecting the Bank, customers and employees by mitigating and identifying technology threats to TD. Development of effective risk management programs helps ensure TD’s best-in-class cyber security approach.

What We Stand For

The TRMIS program is continuously evolving to mitigate risks to the bank, including introducing new initiatives and improved defense. With a layered approach to protect customers, employees and the bank from cyber threats, TD manages, challenges and reviews technology controls for all business applications.

About This Role

Reporting to the AVP, Threat Intelligence and Analytics, the Senior Manager, Threat Hunting is responsible for leading a team in the detection, disruption, and eradication of threat actors from enterprise networks. The Threat Hunting team will use advanced analytics, threat intelligence, and cutting-edge security technologies to participate in threat-actor-based investigations, create new detection methodologies, and provide subject matter expertise to incident response and monitoring functions. The Senior Manager, Threat Hunting will also directly support the Cyber Security Operations Center and other internal teams by applying analytic and technical skills to investigate intrusions and identify malicious activity and potential insider threats.

Job Requirements

What can you bring to TD? Share your credentials, but your relevant experience and knowledge can be just as likely to get our attention. It helps if you have:

• Minimum 5 years of people management experience

• At least 5 years of previous experience working in hunt teams, threat intelligence, incident response, or security operations

• Bachelor’s degree or equivalent program in Information Security, Information Technology, Computer Science, Management Information Systems or similar field experience is required; Master's degree preferred

• Expert knowledge of log management, security analytics and event management platforms

• Must be able to define events vs. alerts vs. incidents for the organization, and create incident classification, severity, and priority tables in line with all threats, risks and vulnerabilities

• Must be able to develop and document intelligence artifacts such as advisories, AoA (Anatomy of Attack) and relevant detection and mitigation patterns.

• Hands-on experience with writing and implementing complex analytics queries, threat visualization dashboards, and large data volume management.

• Strong working knowledge of security-relevant data, including network protocols, ports and common services, such as TCP/IP network protocols and application layer protocols (e.g. HTTP/S, DNS, FTP, SMTP, Active Directory etc.)

• Excellent written and oral communication skills

• Organizational and self-directing skills

• Ability to initiate, coordinate and prioritize responsibilities and follow through on tasks to completion

• Ability to work independently on a variety of assignments with minimal supervision

• Completion of at least one of the following: GCIA, GPEN, GWAPT, GCIH, GSEC, CCNP, CISSP

Additional Information

Make your mark. Join a dynamic team. Explore new ideas. This is your opportunity to impact the future of banking technology in areas and ways you've never imagined (at a bank)! Visit techjobs.td.com to learn more.

Here's some of what you may be asked to perform:

• Manage a team of security professionals: provide oversight, direction and mentoring

• Lead threat hunting operations using threat intelligence, analysis of anomalous log data and results of brainstorming sessions to detect and mitigate threat actors on the network

• Develop advanced methodologies to identify threat actor groups and associated tools, techniques and procedures

• Produce metrics and develop dashboards to identify potential threats, suspicious/anomalous activity, malware, etc.

• Drive the tuning of detection infrastructure with technology teams to identify emerging threats

• Document best practices to enhance analyst playbooks, response procedures, and courses of action

• Support the Cyber Security Operations Center and other internal teams by applying analytic and technical skills to investigate intrusions and identify malicious activity and potential insider threats

• Provide guidance and/or lead on the development of ongoing Information Security risk reporting, monitoring key trends and defining metrics to regularly measure control effectiveness

• Proactively review internal processes and activities and identify opportunities for improvement

• Influence behavior to reduce risk and foster a strong information security management culture throughout the enterprise

• Remain informed of emerging issues, industry trends and/or relevant changes to the security landscape


Listing Details

  • Citizenship: Other Citizenship
  • Incentives: Both
  • Education: Bachelors Degree
  • Travel: Travel 25
  • Telework: Optional Telecommute
