You're using an older version of Internet Explorer that is no longer supported. Please update your browser.

Senior Manager Information Security - Data Protection and Governance

Toronto, ON
Full Time
Company Overview

Tell us your story. Don't go unnoticed. Explain why you're a winning candidate. Think "TD" if you crave meaningful work and embrace change like we do. We are a trusted North American leader that cares about people and inspires them to grow and move forward.

Stay current and competitive. Carve out a career for yourself. Grow with us. Here's our story:

Department Overview

Building a World-Class Technology Team at TD

We can't afford to be boring. Neither can you. The scale and scope of what TD does may surprise you. The rapid pace of change makes it a business imperative for us to be smart and open-minded in the way we think about technology. TD's technology and business teams become more intertwined as new opportunities present themselves. This new era in banking does not equal boring. Not at TD, anyway.

TD Information Security covers the development and management of security strategies, policies and programs to assess, prioritize, and mitigate business risk with technology controls. Priorities include: mitigating and managing cyber security threats, ensuring systems availability, aligning with global regulatory risk and compliance requirements, managing systems and network complexity, and partnering with businesses for better technology delivery by providing advice on technology controls.

There's room to grow in all of it.

Job Description

About This Role

This leadership role reports to the AVP of Data Protection, the Senior Manager, Data Protection will lead a small, cross functional team responsible for maintaining standards in relation to Data Classification, Data Protection and Cryptography Standards. The ideal candidate will be responsible chairing working group, in addition to assuming responsibility of raising awareness of the Data Protection standards among TD's stakeholder and business partners.

  • Lead large and complex initiatives to identify and assess risks and control, develop strategies to remediate gaps identified, and implement processes to effectively manage and mitigate risk
  • Drive a strong governance and internal control environment and perform effective challenge by executing on Enterprise Protect control and governance frameworks, including (but not limited to) pRCSA standards, regulatory compliance policies and standards, privacy policies and end user computing standards
  • Proactively identify opportunities to strengthen and improve processes and controls, and ensure the Corporate functions operate within the Bank's risk appetite
  • Identify, size and implement operational and continuous improvements to business processes to maximize efficiencies and scale/grow capabilities and teams to meet business needs
  • Provide leadership team with information, reporting and support to ensure operational risks are appropriately managed and adherence to internal policies and procedures is effective
  • Maintain a comprehensive understanding of existing and emerging regulatory requirements, operational processes, inherent risks, and ORM policies & practices to provide tailored advice and counsel to our partners
  • Ensure an integrated and aggregated view of all related activities across the Data Protection functions, providing escalations, recommendations, and decision support to leadership
  • As a trusted advisor to internal business partners, recognize and anticipate emerging trends, identify issues/ opportunities, and recommend actions to senior management.
  • Chair the Data Security Classification working group and provide expertise to the Non-Prod Data in Lower Environment working group.
  • Maintain process documents, standards and Data Security Classification guide s
  • Maintain governance documents and delive rables (KRI, KPI & Metrics) related to Cryptography COE, Data Protection controls such as DLP, DAR, RMM, Shadow IT etc.
  • Ensures appropriate planning and execution of security-related business controls (Attestations)
  • Ensures awareness of Protection and Treatment requirements for Enterprise data
  • Ensures that the standard risk assessment / Exception to Policy process is applied where required
  • Facilitates security audits and reviews, tracks mitigation actions, within the DLP organization, until resolution
  • Undertakes self-assessment and ensure compliance with TD security policies and standards
  • Assists with the management of security incidents and breaches
  • Reviews the Data Protection and Treatment standard on a regular basis and ensures compliance with it.
  • Responsible for facilitating and working on the data classification and labelling standards
  • Act as DLP's primary contact for compliance, governance and security issues


What can you bring to TD? Share your credentials, but your relevant experience and knowledge can be just as likely to get our attention. It helps if you have:
  • University or Post-Graduate Degree.
  • Strong academic background (e.g., computer science, engineering).
  • 10 years+ relevant experience.
  • Strong relationship management skills and the ability to work effectively in cross-functional teams, as this role interfaces with a broad range of partners and leaders
  • Advanced and highly specialized knowledge of business applications, systems, networks, innovation, design activities, best practices, overall business, standards
  • Ability to communicate clearly and transparently; demonstrate due diligence and attention to detail.
  • Demonstrated innovation, creativity with strong critical thinking, quantitative and problem-solving skills.
  • Comfortable driving change

Additional Information

Join in on what others in TD Technology Solutions are doing:
  • Inspire a positive work environment and help champion quality, innovation, teamwork and service to the business
  • Learn voraciously, stretch your thinking,




At TD, we are committed to fostering an inclusive, accessible environment, where all employees and customers feel valued, respected and supported. We are dedicated to building a workforce that reflects the diversity of our customers and communities in which we live and serve. If you require an accommodation for the recruitment/interview process (including alternate formats of materials, or accessible meeting rooms or other accommodation), please let us know and we will work with you to meet your needs.
Information Technology