[Close] 

Information Security Specialist - Threat Hunting - Cyber

Auto req ID 190441BR
Job Title Information Security Specialist - Threat Hunting - Cyber
Job Status Full Time
Country UNITED STATES
Province/State Alabama
Colorado
Delaware
District of Columbia
Georgia
Texas
Virginia
City1
Colorado Springs
Washington
Wilmington
Alpharetta
Atlanta
Austin
Montgomery
San Antonio
Alexandria
Vienna
Location
20th & K - Washington
Alexandria/South Washington
Austin-1300 S Mopac
Colorado Springs-Remote Location
Vienna
Wilmington - Market Street
Business line TD Bank AMCB
Job Category - Primary Technology Solutions
Job Category(s) Technology Solutions
TD Description
About TD Bank, America's Most Convenient Bank?
TD Bank, America's Most Convenient Bank, is one of the 10 largest banks in the U.S., providing more than 8 million customers with a full range of retail, small business and commercial banking products and services at approximately 1,300 convenient locations throughout the Northeast, Mid-Atlantic, Metro D.C., the Carolinas and Florida. In addition, TD Bank and its subsidiaries offer customized private banking and wealth management services through TD Wealth?, and vehicle financing and dealer commercial services through TD Auto Finance. TD Bank is headquartered in Cherry Hill, N.J. To learn more, visit www.tdbank.com. at http://www.tdbank.com/ Find TD Bank on Facebook at www.facebook.com/TDBank and on Twitter at www.twitter.com/TDBank_US .
TD Bank, America's Most Convenient Bank, is a member of TD Bank Group and a subsidiary of The Toronto-Dominion Bank of Toronto, Canada, a top 10 financial services company in North America. The Toronto-Dominion Bank trades on the New York and Toronto stock exchanges under the ticker symbol "TD". To learn more, visit www.td.com at http://www.td.com/ .
Department Overview
Building a World-Class, Diverse and Inclusive Technology Team at TD
Technology Risk Management and Information Security (TRMIS) is a group of technology, security and risk professionals in Canada, the U.S. and the U.K., focused on managing a comprehensive program to assess, prioritize, and mitigate business risk with technology controls.
The Cyber Security Team is responsible for protecting the Bank, customers and employees by mitigating and identifying technology threats to TD. Development of effective risk management programs help ensure TD?s best-in-class cyber security approach.
What We Stand For
The TRMIS program is continuously evolving to mitigate risks to the bank, including introducing new initiatives and improved defense. With a layered approach to protect customers, employees and the bank from cyber threats, TD manages, challenges and reviews technology controls for all business applications.
About This Role
Reporting to the Senior Manager, Threat Hunting, the Threat Hunting Senior Analyst is responsible for helping the team in the detection, disruption, and the eradication of threat actors from enterprise networks. The Threat Hunting team will use advanced analytics, threat intelligence, and cutting-edge security technologies to participate in threat actor based investigations, create new detection methodologies, and provide subject matter expertise to incident response and monitoring functions. The Threat Hunting Senior Analyst will also directly support the Cyber Security Operations Center and other internal teams by applying analytic and technical skills to investigate intrusions, identify malicious activity, and potential insider threats.
Job Description
Here's some of what you may be asked to perform:
? Participate in threat hunting operations using threat intelligence, analysis of anomalous log data and results of brainstorming sessions to detect and mitigate threat actors on the network
? Develop advanced methodologies to identify threat actor groups and associated tools, techniques and procedures
? Produce metrics and develop dashboards to identify potential threats, suspicious/anomalous activity, malware, etc.
? Drive the tuning of detection infrastructure with technology teams to identify emerging threats
? Document best practices to enhance analyst playbooks, response procedures, and courses of action
? Support the Cyber Security Operations Center and other internal teams by applying analytic and technical skills to investigate intrusions, identify malicious activity, and potential insider threats
? Provide guidance and/or lead on the development of on-going Information Security risk reporting monitoring key trends and defining metrics to regularly measure control effectiveness
? Proactively review internal processes and activities and identify opportunities for improvement
? Influence behavior to reduce risk and foster a strong information security management culture throughout the enterprise
? Remain informed of emerging issues, industry trends and/or relevant changes to the security landscape
+ Guide partners on a broad range of specific Technology Controls and Information Security programs, policies, standards and incidents.
+ Conduct risk assessment, required controls definition, control procedure appropriateness, vulnerability assessments and any other relevant areas.
+ Lead or contribute to the completion of risk and control design assessments for an assigned business application, business portfolio, and overall enterprise, as well as risk mitigation and remediation plans and remediation strategy.
+ Contribute to the definition, development, and oversight of a global security management strategy and framework.
+ Ensure technology, processes, and governance are in place to monitor, detect, prevent, and react to both current and emerging technology and security threats against TDBG?s business.
+ Develop on-going technology risk reporting, monitoring key trends and defining metrics to regularly measure control effectiveness for own area.
+ Adhere to internal policies and procedures, technology control standards, and applicable regulatory guidelines.
+ Contribute to the review of internal processes and activities and assist in identifying potential opportunities for improvement.
+ Adhere to, advise, oversee, monitor and enforce enterprise frameworks and methodologies that relate to technology controls / information security activities.
+ Influence behavior to reduce risk and foster a strong technology risk management culture throughout the enterprise .
Other duties as assigned
? Driving Requirements:
? Travel Requirements:
Job Requirements
What can you bring to TD? Share your credentials, but your relevant experience and knowledge can be just as likely to get our attention. Here are the minimum requirements for this position:
+ University Degree.
+ Information Security Certification / Accreditation an asset.
+ 7+ years of relevant experience.
+ Expert knowledge of IT security and risk disciplines and practices.
+ Advanced knowledge of of organization, technology controls, security and risk issues.
+ Demonstrated ability to participate in complex, comprehensive or large projects and initiatives.
+ Ability to serve as a lead expert resource in technology controls and information security for project teams, the business, organization and outside vendors.
Qualifications
Preferred Qualifications - Here are the preferred qualifications for this role:
? At least 5 years of previous experience working in hunt teams, threat intelligence, incident response, or security operations
? Bachelor?s degree or equivalent program in Information Security, Information Technology, Computer Science, Management Information Systems or similar field experience is required; Master's degree preferred
? Expert knowledge of log management, security analytics and event management platforms
? Must be able to define events vs. alerts vs. incidents for the organization, and create incident classification, severity, and priority tables in-line with all threats, risks and vulnerabilities
? Must be able to develop and document intelligence artifacts such advisories, AoA (Anatomy of Attack) and relevant detection and mitigation patterns
? Hands on experience with writing and implementing complex analytics queries, threat visualization dashboards, and large data volume management
? Strong working knowledge of security-relevant data, including network protocols, ports and common services, such as TCP/IP network protocols and application layer protocols (e.g. HTTP/S, DNS, FTP, SMTP, Active Directory etc.)
? Excellent written and oral communication skills
? Organizational and self-directing skills
? Ability to initiate, coordinate and prioritize responsibilities and follow through on tasks to completion
? Ability to work independently on a variety of assignments with minimal supervision
? Completion of at least one of the following: GCIA, GPEN, GWAPT, GCIH, GSEC, CCNP, CISSP
? A background in Data Science, Statistics, anomaly detection or similar skills would be an asset
Inclusiveness
At TD, we are committed to fostering an inclusive, accessible environment, where all employees and customers feel valued, respected and supported. We are dedicated to building a workforce that reflects the diversity of our customers and communities in which we live in and serve, and creating an environment where every employee has the opportunity to reach her/his potential.
If you are a candidate with a disability and need an accommodation to complete the application process, email the TD Bank US Workplace Accommodations Program at USWAPTDO@td.com . Include your full name, best way to reach you, and the accommodation needed to assist you with the application process.
EOE/Minorities/Females/Veterans/Individuals with Disabilities/Sexual Orientation/Gender Identity.
Province/State (Primary) Delaware
City (Primary) Wilmington
ProvState 2 Alabama
City(s) 2 Montgomery
ProvState 3 Colorado
City(s) 3 Colorado Springs
ProvState 4 District of Columbia
City(s) 4 Washington
ProvState 5 Georgia
City(s) 5 Alpharetta
Atlanta
ProvState 6 Texas
City(s) 6 Austin
San Antonio
ProvState 7 Virginia
City(s) 7 Alexandria
Vienna


Don't Be Fooled

The fraudster will send a check to the victim who has accepted a job. The check can be for multiple reasons such as signing bonus, supplies, etc. The victim will be instructed to deposit the check and use the money for any of these reasons and then instructed to send the remaining funds to the fraudster. The check will bounce and the victim is left responsible.