Information Security Specialist (- IAM RBAC & SOD )

Information Security Specialist (- IAM RBAC & SOD )

TD is currently seeking an experienced Identity and Access Management specialist to enhance and optimize the organization's access management framework. The successful candidate will work with internal clients and technology teams to identify and define SOD policies and design and implement automated solutions to streamline access management processes. The ideal candidate will bring extensive expertise in implementing and automating segregation of duties policies and role-based security controls in complex enterprise environments.

Responsibilities:

• Contribute to SOD Policy creation and maintenance for assigned business applications, articulate and document Segregation of Duties policy requirements in collaboration with application subject matter experts.
• Guide stakeholders within defined parameters related to specific Technology Controls and Information Security programs, policies, standards, and incidents.
• Support development of technology risk reporting, monitoring key trends and defining metrics to measure control effectiveness for your own area.
• Support technology processes, help launch governance practices to monitor, detect, prevent, and react to current and emerging security threats to TD, specifically within the Workforce Identity and Access Management space.
• Facilitate the Emerging Tech program working with various stakeholders including third party vendors, TD executives and various internal teams.
• Be a subject matter expert in Technology Risk related policies, procedures, technology control standards and regulatory guidelines.
• Apply a teamwork philosophy with technology and partners, service, or platform owners to integrate all technology security components and address control gaps.
• Follow and promote relevant enterprise frameworks and methodologies (Agile methodologies including the Next Evolution of Work).
• Research and investigate regulatory compliance requirements, reporting and questions, support the team in resolving compliance, audit, and regulatory issues.
• Adhere to policies, procedures, technology control standards and regulatory guidelines.
• Contribute to internal activity and process review, flag windows for improvement.
• Influence behavior to reduce risk, foster a strong technology risk management culture.
• Assess, identify, and escalate issues appropriately where required.
• Contribute to definition of role management and separation of duties business framework and capabilities that align with our access management control standards.
• Interpret internal/external business issues and recommend best practices pertaining to SOD Policies.
• Deliver business services, functions and capabilities that optimize the use of process, technology, and our people, and take advantage of TD's scale and operating model.

Requirements:

• University Degree or equivalent.
• Information Security Certification / Accreditation an asset.
• 5-7 years of relevant experience.
• Ability to communicate effectively at all levels of the organization with an emphasis on senior leadership.
• Strong background in access governance and compliance frameworks.
• Experience implementing technology controls to address IAM related risks.
• Deep knowledge of Technology Risks and Controls as well as Risk treatment policies and procedures.
• Deep understanding of Identity and Access Management (IAM) principles.
• Demonstrated ability to succeed in projects of moderate to high complexity.
• Sound knowledge of Microsoft Excel, PowerPoint, SharePoint, Teams, Confluence and Power BI with an enhanced focus on automated reporting and dashboards.
• Experience with enterprise-level IAM platforms and tools including SailPoint.
• Providing complex IAM reporting, analysis, and assessments.