
Senior Information Security Engineer (SIEM/SPLUNK engineering)

Toronto, ON
Full Time
4 days ago
Company Overview

Tell us your story. Don't go unnoticed. Explain why you're a winning candidate. Think "TD" if you crave meaningful work and embrace change like we do. We are a trusted North American leader that cares about people and inspires them to grow and move forward.

Stay current and competitive. Carve out a career for yourself. Grow with us. Here's our story:

Department Overview

Building a World-Class, Diverse and Inclusive Technology Team at TD
We can't afford to be boring. Neither can you. The scale and scope of what TD does may surprise you. The rapid pace of change makes it a business imperative for us to be smart and open-minded in the way we think about technology. TD's technology and business teams become more intertwined as new opportunities present themselves. This new era in banking does not equal boring. Not at TD, anyway.

The TD Enterprise Protect Analytics Engineering Team is responsible for managing the bank's cyber security logging and monitoring systems and for providing technical guidance and direction. Our highly coveted Engineers are interspersed amongst many areas of focus: innovation, design, execution, maintenance, strategy, and system management of our security analytics platforms, including but not limited to Splunk, Cribl LogStream and Microsoft Sentinel. We call all of these things incredible learning opportunities, and no two assignments are ever the same.
There's room to grow in all of it.

Job Description

About This Role

We are looking for someone to provide deep senior technical leadership, domain specialization and expertise, as well as set direction in developing and implementing solutions to address emerging business needs and strategies within information security analytics. You'll also advance the overall design architecture and technology capabilities in accordance with industry developments. A seasoned engineer at this level proves influential to senior leaders and imparts valuable guidance and governance to other technology groups and business areas.
Meaningful work is fueled by meaningful performance and career development conversations with your Senior manager and executives.
Here is some of what you may be asked to perform:

• Provide technical guidance and direction on implementation, administration, and maintenance of Splunk Enterprise Security, Splunk User Behavior Analytics (UBA), Microsoft Sentinel and Cribl LogStream infrastructure.
• Develop the skills to support Engineering tasks related to the Azure Cloud and support of Analytics initiatives.
• Work with the Senior manager to plan the strategic roadmap for analytics technologies in coordination with the business aspects of security engineering and Fusion.
• Plan the strategic roadmap for the enterprise security analytics technologies in coordination with the business aspects of enterprise protect and be the strategic lead reporting to the senior executives.
• Provide L3 support when needed by the L2 teams.
• Ensure capacity planning and currency uplifts are planned and executed.
• Promote and drive automation opportunities.
• Support other Public Cloud initiatives within AWS and Google.
• Adhere to internal policies and procedures, technology control standards, and applicable regulatory guidelines.
• Influence behavior to reduce risk and foster a strong technology risk management culture throughout the enterprise.


What can you bring to TD? Share your credentials, but your relevant experience and knowledge can be just as likely to get our attention. It helps if you have:

• University or Post-Graduate Degree
• 8 years+ relevant information technology experience.
• Ability to serve in a top technical individual-contributor expert role, with knowledge of security analytics tooling in addition to a broad range of IT frameworks, technology, tools, processes, and procedures, as well as broader organization issues and relevant technology.
• Expert knowledge of onboarding log data sources to Splunk Enterprise, Microsoft Sentinel and Cribl.
• Verifiable robust operational experience in administering an enterprise Splunk platform in a large organization.
• Good knowledge of building Cribl infrastructure and integrating log sources and destination points.
• Expert knowledge of IT security, risk disciplines and practices, with solid understanding of cloud security.
• Advanced and highly specialized knowledge of business applications, systems, networks, innovation, design activities, best practices, overall business, standards.
• Strong partnership skills to ensure collaboration across a team and other lines of business as part of control execution.
• Excellent written and oral communications skills and ability to articulate and present information to senior executives, peers, all levels of technical staff, and stakeholders
• Ability to work autonomously as the engineering specialist on high-profile, complex and/or high-risk security analytics technology initiatives.
• Technical leadership and consulting prowess when it comes to directing larger teams on new initiatives

• Splunk admin or architecture certification required
• Security certification is a benefit
• Azure and/or Cribl certification is a benefit.

Additional Information

Join in on what others in TD Technology Solutions are doing:

• Inspire a positive work environment and help champion quality, innovation, teamwork and service to the business.
• Learn voraciously, stretch your thinking,



At TD, we are committed to fostering an inclusive, accessible environment, where all employees and customers feel valued, respected and supported. We are dedicated to building a workforce that reflects the diversity of our customers and communities in which we live and serve. If you require an accommodation for the recruitment/interview process (including alternate formats of materials, or accessible meeting rooms or other accommodation), please let us know and we will work with you to meet your needs.
Information Technology