Senior Global Security Analyst

TD Bank - Toronto, ON (22 days ago)

Tell us your story. Don't go unnoticed. Explain why you're a winning candidate. Think "TD" if you crave meaningful work and embrace change like we do. We are a trusted North American leader that cares about people and inspires them to grow and move forward.

Stay current and competitive. Carve out a career for yourself. Grow with us.

Department Overview

Global Security & Investigations (GSI) is a specialized team dedicated to the security and safety of our employees, customers, third parties, physical assets and information. Using a risk-based approach, the team is responsible for identifying, investigating, mitigating and managing risks by developing key strategies, designing comprehensive security and investigative programs, educating businesses within TD Bank Group on security measures and protocols, and working collaboratively with internal and external partners.

Job Description

The Senior Analyst, Insider Operations works within the Insider Risk Management Team (IRMT) and reports to the Senior Manager, Insider Operations, GSI. The Senior Analyst will take on a key role in executing Program processes, including but not limited to: the ongoing review of potential risk indicators, data collection and aggregation, triage and assessment of insider threats to identify risk and impact, investigation referral, event escalation, and ongoing reporting. The Senior Analyst will support required Program development, training, awareness and remediation activities to strengthen TD's control environment to better prevent, detect and respond to Insider risks.

The Senior Analyst's experience, accountabilities and responsibilities include:

• Capacity to quickly develop a knowledge of the insider risk landscape, including different types of adversaries, campaigns, and the motivations that drive them.
• Working knowledge of Threat Lifecycle Management and Incident Management to be able to prioritize and triage anomalous events/alerts and information to effectively execute incident response processes.
• Collecting, aggregating, and analyzing quantitative and qualitative data to identify potential threats (including policy violations), develop baselines, and analyze trends in the environment to influence security practices and operations.
• Assist with the creation and maintenance of threat use cases. Document business requirements and other governance documentation.
• Ability to summarize complex data into case summaries, reports and presentations for distribution to an executive audience.
• Be proactive in:
  o identifying and providing recommendations for improvements to security/process gaps to enhance the overall protection of information/assets, and
  o recommending solutions and countermeasures resulting from insider threats.
• Detecting data exfiltration techniques and reviewing logs to complete insider risk analyses and assessments of threats.
• Operate and maintain the Insider Risk Management Program mailbox, triage incoming items and action received data and alerts.
• Maintain Insider Risk related communication and training materials, including tracking and updating the LMS-based Insider Risk Awareness Guide.
• Remain current on relevant regulatory developments, evolving threats, industry trends and best practices with respect to overall Insider Risk Management.

Job Requirements

Education/Accreditations:

• Post-secondary education, and/or equivalent business experience with a focus on Computer Science, Information Technology/Security, Counterintelligence, Investigations, or related field.

Other Qualifications/Skills/Experience:

• Three or more years of IT operations/security analytics, big data analysis, or programming experience.
• Working knowledge of various security, application and network logging systems including Security Incident Event Management (SIEM), Splunk, Symantec, CyberArk, as well as various threat intelligence sources, to interpret output and identify potential Insider threats.
• Working knowledge and experience with data analytic tools and platforms including User Behavioral Analytics products, and other contextual data to create log correlations to identify anomalous behavior, execute complex search language queries, alerts, dashboards and reports.
• Possess or have the proven capacity to quickly build a strong knowledge base of Insider Risk Management and leading practice around the prevention, detection and response to Insider Risk.
• Must be able to work effectively with large datasets and have experience in querying, joining, manipulating, summarizing and visualizing datasets using various types of tools, including Tableau and Microsoft Office suite tools.
• Ability to write queries in SQL, VBA, and use regular expressions is preferred.
• Basic Python scripting capabilities preferred.
• Self-driven, motivated to excel, ability to work with minimal supervision, and maintain productivity in a fast-paced and, at times, high pressure environment.
• Creative, out-of-the-box thinker, with strong conceptual and problem-solving skills.
• Must have solid written and verbal communication and planning skills.
• Strong interpersonal skills with an ability to easily relate to peers and management.

Inclusiveness

At TD, we are committed to fostering an inclusive, accessible environment, where all employees and customers feel valued, respected and supported. We are dedicated to building a workforce that reflects the diversity of our customers and communities in which we live and serve. If you require an accommodation for the recruitment/interview process (including alternate formats of materials, or accessible meeting rooms or other accommodation), please let us know and we will work with you to meet your needs.

Job Family: Global & Physical Security
Job Category - Primary: Business Analysis / Reporting
Job Category(s): Business Analysis / Reporting
Hours: 37.5
Business Line: Corporate
Time Type: Full Time
Employment Type: Regular
Country: Canada
Province/State (Primary): Ontario
City (Primary): Toronto
Work Location: TD Centre - North - 77 King Street West