TD is hiring: Information Security Specialist (US) - Penetration Tester in Mount
TD, Mount Laurel Township, NJ, United States
Job Description
The Information Security Specialist - Penetration Tester defines, develops and/or implements Technology Controls / Information Security related policies, programs and tools, and provides specialized expertise and guidance on assessing risks, identifying potential gaps and providing security solutions to mitigate risks and protect the Bank.
Responsibilities:
- Conduct Penetration Tests: Perform thorough and methodical penetration testing on web applications, mobile, AI, network infrastructures, and other systems to identify security vulnerabilities.
- Vulnerability Assessment: Assess and analyze security weaknesses, and provide actionable recommendations to mitigate risks and improve overall security posture.
- Report Findings: Document and communicate findings clearly and effectively to both technical and non-technical stakeholders. Prepare comprehensive reports with recommendations for remediation.
- Develop and Execute Test Plans: Design and execute detailed test plans.
- Stay Current: Keep up-to-date with the latest security trends, vulnerabilities, and tools to ensure testing methodologies are current and effective.
- Collaborate with Teams: Work closely with IT and development teams to understand system architectures, provide guidance on security best practices, and support the implementation of security improvements.
- Perform Risk Assessments: Evaluate and assess potential security risks related to new and existing systems and technologies.
- Compliance: Ensure that penetration testing practices comply with relevant regulations, standards, and organizational policies.
Requirements:
- Bachelor's degree preferred
- Information security certification / accreditation an asset
- 7+ years of relevant experience
- Expert knowledge of IT security and risk disciplines and practices
Preferred Qualifications:
- Proficiency in penetration testing tools such as Metasploit, Burp Suite, Nmap, and Kali.
- Knowledge of common web application vulnerabilities (e.g., OWASP Top Ten) and network security principles.
- Experience with penetration testing in AI, cloud environments (e.g., AWS, Azure) and PCI testing.
- Familiarity with security standards and frameworks.
- Certifications: Relevant certifications such as Offensive Security Certified Professional (OSCP), Certified Ethical Hacker (CEH), or GIAC Penetration Tester (GPEN) are highly desirable.
TD Bank is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, status as a protected veteran or any other characteristic protected under applicable federal, state, or local law.
If you are an applicant with a disability and need accommodations to complete the application process, please email TD Bank US Workplace Accommodations Program at USWAPTDO@td.com.