Information Security Specialist (Cryptographic Governance) page is loaded
Information Security Specialist (Cryptographic Governance) Apply remote type Hybrid locations Toronto, Ontario time type Full time posted on Posted 2 Days Ago job requisition id R_1354922Work Location:
Hours:
Line of Business:
Pay Details:
We're committed to providing fair and equitable compensation to all our colleagues. As a candidate, we encourage you to have an open dialogue with a member of our HR Team and ask compensation related questions, including pay details for this role.
The Cryptography Planning team is responsible for development of the Cryptography Framework and Guiding Principles for TD Bank to enable in-depth cryptographic data protection for on-premises, mobile and in the Cloud. We are tasked with researching vendors and solutions, proposal, evaluation, developing systems blueprints, and creation of documentation for building and automation of Data Protection technologies and, as needed, the re-engineering of existing technologies in the Information and Data Security space. This will entail collaboration with the Crypto Lab team for Proof-of-Concept evaluation of products, and preparation of solution blueprint documentation for handing over to the Crypto Engineering team for build and testing.
The ideal candidate possesses subject matter expertise on identifying cryptographic and data security gaps at the enterprise level scale, performing impact and stakeholder analysis, and recommending remediating measures.
This role will be responsible for solutions in areas such as, but not limited to:
- Cryptographic protection of Data at Rest and Data in Transit.
- Cryptography Governance (Policies, Procedures, Standards, Guides).
- Database Transparent Data Encryption (TDE) and encryption in Transi.t
- Protecting data in Public Cloud (Azure, Google).
- Thales Vormetric/CipherTrust Data At Rest Encryption.
- Hardware Security Module (HSM) - Thales, Entrust, Utimaco, Atalla.
- Cryptographic Tools (Venafi)
- PKI (x509 Digital Certificates, SSH, Microsoft ADCS, TLS ciphers)
- Key Lifecycle Management for symmetric and asymmetric keys.
- Post-Quantum Cryptography.
The successful candidate must have demonstrated ability to identify, analyze and document solutions in these areas using Systems Engineering Development Lifecycle approach (V-Model), and to work closely with Business and Engineering teams to warrant that built solutions enhance productivity and add business value.
Technical Requirements
The successful candidate is expected to have sound technical knowledge in a wide range of Information and Data Security technologies, frameworks, tools, processes, and procedures. This role is looking for people with skills in as many of the below technology areas as possible:
- 3+ year experience in Cryptography domain.
- Technologies and security controls for protection of data at rest and data in transit.
- In-depth knowledge of PCI DSS requirements for data protection.
- Understanding and navigation of NIST 800-Series Special Publications in respect to cryptography and FIPS 140-3 certification levels for cryptographic modules.
- In-depth knowledge of various cryptographic and encryption technologies and standards (Symmetric/Asymmetric cryptography, PKI, Digital Signing and Hashing).
- Understanding principles of Post-Quantum Cryptography and its standardization.
- Ability to translate complex technical concepts to values and outcomes for communicating to Senior Leadership and non-technical Business partners.
- Working knowledge of Microsoft Office suite for developing presentation decks, design documentation, drawings, and reports.
- Expertise in either:
Windows/Unix/Linux Databases (including MS SQL, Oracle, MongoDB) or Storage (SAN, NAS). - Experience with Cryptography as it applies to Cloud Solutions in Highly Virtualized Environments.
- Strong verbal and written communications skills are essential for this role.
- An industry recognizable IS Security certification (e.g. CISSP).
- Working knowledge of Mainframe cryptography and Mainframe HSM is a Plus.
- Experience with data protection against Ransomware is a Plus.
- Employment experience in Financial industry is a Plus.
Job Requirements
This role plays a critical role for the Crypto Organization in the analysis, proposal, conceptual design of solutions and automation for security infrastructure and tools. This includes producing solution documentation, interacting with Enterprise Architecture and Engineering teams, multiple lines of Business, Infrastructure teams, Application Development, Support, Vendors and Service Providers. The successful candidate must demonstrate an exceptional record of competence and a strong ability to communicate with other engineers, technology, and business partners.
Job Requirements include:
- Acting as a key contributor to developing solution structure and framework for cryptographic protection of data in complex environments.
- Selecting and assessing security tools and solutions that best meet the stated Security needs.
- Developing and documenting design patterns for adoption by our engineering partners.
- Contribute input into and lead development of solution documentation, System Requirements, Cryptography and Data Protection Policies, Procedures, Standards and Guides.
- Producing technical and analysis documentation, reports, and summaries.
- Creating high level and technical level presentations and presenting to technical and non-technical audiences and Senior Management.
- Knowledge of the Regulatory and Compliance landscape pertaining to the Financial Industry.
- Solid analytical, reasoning, organizational and time management skills.
- Ability to establish and maintain effective working relationships with all levels of personnel both internally and externally; e.g., Senior Management, peers, clients, and vendors.
- Ability to work in a fast-paced environment and manage multiple deadlines and priorities.
- Adapt to new different or changing requirements, quickly grasp new concepts, and reflect on lessons learned. Define problem/challenge, identify alternatives, and make timely decisions.
- Work closely & collaboratively with Internal Engineering, Deployment & Operations teams to drive design adoption across IT.
- Attention to details and follow through.
- Ability to make engineering design decisions, solve problems related to cryptographic principles.
- Align with the Department strategies and delivering superior results in short and long terms.
- Provide subject matter expertise consulting service to our Business partners.
- Manage communications and activities with 3rd party solution and service providers.
- Plan, schedule, run and manage working meetings and produce meeting minutes.
Who We Are:
TD is one of the world's leading global financial institutions and is the fifth largest bank in North America by branches/stores. Every day, we deliver.