Senior Manager, Information Security - Threat Hunting
Location: Mount Laurel, New Jersey
Posted: November 22, 2017
Reference: 1572978763

About TD Bank, America's Most Convenient Bank®

TD Bank, America's Most Convenient Bank, is one of the 10 largest banks in the U.S., providing more than 8 million customers with a full range of retail, small business and commercial banking products and services at approximately 1,300 convenient locations throughout the Northeast, Mid-Atlantic, Metro D.C., the Carolinas and Florida. In addition, TD Bank and its subsidiaries offer customized private banking and wealth management services through TD Wealth®, and vehicle financing and dealer commercial services through TD Auto Finance. TD Bank is headquartered in Cherry Hill, N.J. To learn more, visit www.tdbank.com. Find TD Bank on Facebook at www.facebook.com/TDBank and on Twitter at www.twitter.com/TDBank_US.

TD Bank, America's Most Convenient Bank, is a member of TD Bank Group and a subsidiary of The Toronto-Dominion Bank of Toronto, Canada, a top 10 financial services company in North America. The Toronto-Dominion Bank trades on the New York and Toronto stock exchanges under the ticker symbol "TD". To learn more, visit www.td.com.

Department Overview

Building a World-Class Technology Team at TD

We can't afford to be boring. Neither can you. The scale and scope of what TD does may surprise you. The rapid pace of change makes it a business imperative for us to be smart and open-minded in the way we think about technology. TD's technology and business teams become more intertwined as new opportunities present themselves. This new era in banking does not equal boring. Not at TD, anyway.

TD Information Security covers the development and management of security strategies, policies and programs to assess, prioritize, and mitigate business risk with technology controls. Priorities include: mitigating and managing cyber security threats, ensuring systems availability, aligning with global regulatory risk and compliance requirements, managing systems and network complexity, and partnering with businesses for better technology delivery by providing advice on technology controls.

There's room to grow in all of it.

Job Description

About This Role

Reporting to the AVP, Threat Intelligence and Analytics, the Senior Manager, Threat Hunting is responsible for leading a team in the detection, disruption, and eradication of threat actors from enterprise networks. The Threat Hunting team will use advanced analytics, threat intelligence, and cutting-edge security technologies to participate in threat-actor-based investigations, create new detection methodologies, and provide subject matter expertise to incident response and monitoring functions. The Senior Manager, Threat Hunting will also directly support the Cyber Security Operations Center and other internal teams by applying analytic and technical skills to investigate intrusions and identify malicious activity and potential insider threats.

Meaningful work is fueled by meaningful performance and career development conversations with your manager. Here are the essential job functions of this position:

  • Lead threat hunting operations using threat intelligence, analysis of anomalous log data and results of brainstorming sessions to detect and mitigate threat actors on the network
  • Develop advanced methodologies to identify threat actor groups and associated tools, techniques and procedures
  • Produce metrics and develop dashboards to identify potential threats, suspicious/anomalous activity, malware, etc.
  • Drive the tuning of detection infrastructure with technology teams to identify emerging threats
  • Document best practices to enhance analyst playbooks, response procedures, and courses of action
  • Support the Cyber Security Operations Center and other internal teams by applying analytic and technical skills to investigate intrusions and identify malicious activity and potential insider threats
  • Ensure team follows internal policies and procedures, technology control standards and applicable regulatory guidelines.
  • Adhere to, advise on, oversee, monitor and enforce enterprise frameworks and methodologies that relate to technology controls / information security activities.
  • Grow team expertise so it aligns with company demand and TD's direction; assess team skills and capabilities and find ways to improve value delivered.
  • Responsible for management of the overall team(s) providing both leadership and guidance.
  • Set targets and objectives for the team.
  • Provide coaching, development, succession, recruitment, resource management and overall team leadership for team members, regularly contribute to performance and development plans.
  • Other duties as assigned
  • Driving Requirements: as needed
  • Travel Requirements: as needed

Job Requirements

What can you bring to TD? Share your credentials, but your relevant experience and knowledge can be just as likely to get our attention. Here are the minimum requirements for this position:

  • University Degree.
  • Information Security Certification / Accreditation an asset.
  • 10+ years of relevant experience.
  • Advanced knowledge of the business and technology standards.
  • Thought leadership with deep expertise and knowledge of the business and technology standards.
  • Experience leading, overseeing/managing a team or group(s) of moderate to large size, scope, risk and complexity.
  • Excellent communication, negotiation and organizational skills, including the ability to present options in business terms to both IT and business staff including executives.

Qualifications

Preferred Qualifications - Here are the preferred qualifications for this role:

  • At least 5 years of previous experience working in hunt teams, threat intelligence, incident response, or security operations
  • Strong working knowledge of security-relevant data, including network protocols, ports and common services, such as TCP/IP network protocols and application layer protocols (e.g. HTTP/S, DNS, FTP, SMTP, Active Directory etc.)
  • Completion of at least one of the following: GCIA, GPEN, GWAPT, GCIH, GSEC, CCNP, CISSP
  • Ability to define events vs. alerts vs. incidents for the organization, and create incident classification, severity, and priority tables in line with all threats, risks and vulnerabilities
  • Ability to develop and document intelligence artifacts such as advisories, AoA (Anatomy of Attack) and relevant detection and mitigation patterns

Hours

Day Hours

Inclusiveness

At TD, we are committed to fostering an inclusive, accessible environment, where all employees and customers feel valued, respected and supported. We are dedicated to building a workforce that reflects the diversity of our customers and the communities in which we live and serve, and creating an environment where every employee has the opportunity to reach her/his potential.

If you have a disability that requires an accommodation to complete the application process, please e-mail TD Bank's HR Compliance Department at hrcompliance@td.com. Please include your full name, contact information and details about your request within the e-mail.

EOE/Minorities/Females/Veterans/Individuals with Disabilities/Sexual Orientation/Gender Identity.

Province/State (Primary): New Jersey
City (Primary): Mount Laurel

A little about us:
TD Bank is creating and sustaining a diverse and inclusive workplace that reflects the people, cultures and languages of the communities we serve.