Engineer II

TD

Explore what TD Canada Trust is all about. Learn about our values, initiatives, reporting, news, careers, recent awards, and more.

Job Description:

The Crypto Solution Validation team is responsible for certifying data protection enterprise solutions or new use cases for the bank. We are tasked with lab build, test planning and design, test execution, runbook preparation, and automation of Data Protection technologies. This will entail collaboration with the Crypto Requirement team and Security Architecture team, and preparation of solution blueprint documentation for handing over to the Crypto Engineering team for enterprise adoption.

The ideal candidate possesses subject matter expertise on validation of cryptographic solutions at the enterprise level scale.

This role will be responsible for solutions in areas such as, but not limited to:

• Cryptographic protection of Data at Rest and Data in Transit.
• Database Transparent Data Encryption (TDE) and encryption in Transit.
• Protecting data in Public Cloud (Azure, Google).
• Thales Vormetric/CipherTrust Data At Rest Encryption.
• Hardware Security Module (HSM) – Thales, Entrust, Utimaco, Atalla.
• Certificate Management solution (Venafi).
• PKI (x509 Digital Certificates, SSH, Microsoft ADCS, TLS ciphers).
• Key Lifecycle Management for symmetric and asymmetric keys.
• Proficiency in scripting languages (e.g., Python, Bash, Powershell).
• Knowledge of API testing tools.
• Knowledge of automation tools and frameworks (e.g., Ansible).
• Post-Quantum Cryptography.

Technical Requirements

The successful candidate is expected to have sound technical knowledge in a wide range of Information and Data Security technologies, frameworks, tools, processes, and procedures. This role is looking for people with skills in as many of the below technology areas as possible:

• 7+ years of total experience.
• 3+ years of experience in the Cryptography domain.
• Experience certifying the encryption on various storage technologies (Databases, Storage, and applications).
• Technologies and security controls for protection of data at rest and data in transit.
• In-depth knowledge of various security controls.
• In-depth knowledge of various cryptographic and encryption technologies and standards (Symmetric/Asymmetric cryptography, PKI, Digital Signing, and Hashing).
• Understanding principles of Post-Quantum Cryptography and its standardization.
• Expertise in either: Windows/Unix/Linux Databases (including MS SQL, Oracle, MongoDB) or Storage (SAN, NAS).
• Experience with Cryptography as it applies to Cloud Solutions in Highly Virtualized Environments.
• Strong verbal and written communications skills are essential for this role.
• Proven ability to work in a fast-paced environment and manage multiple deadlines and priorities.
• An industry-recognizable IS Security certification (e.g. CISSP).
• Experience with data protection against Ransomware is a Plus.
• Employment experience in the Financial industry is a Plus.

#LI-Tech