This recruiter is online.

This is your chance to shine!

Apply Now

Information Security Specialist - Framework, Policies and Standards

Toronto, ON
  • To be discussed
  • As soon as possible

Company Overview

Tell us your story. Don't go unnoticed. Explain why you're a winning candidate. Think ''TD'' if you crave meaningful work and embrace change like we do. We are a trusted North American leader that cares about people and inspires them to grow and move forward.

Stay current and competitive. Carve out a career for yourself. Grow with us. Here's our story:

Department Overview

Building a World-Class Technology Team at TD

We can't afford to be boring. Neither can you. The scale and scope of what TD does may surprise you. The rapid pace of change makes it a business imperative for us to be smart and open-minded in the way we think about technology. TD's technology and business teams become more intertwined as new opportunities present themselves. This new era in banking does not equal boring. Not at TD, anyway.

TD Information Security covers the development and management of security strategies, policies and programs to assess, prioritize, and mitigate business risk with technology controls. Priorities include: mitigating and managing cyber security threats, ensuring systems availability, aligning with global regulatory risk and compliance requirements, managing systems and network complexity, and partnering with businesses for better technology delivery by providing advice on technology controls.

There's room to grow in all of it.

Job Description

Job Description

We are looking for someone with experience managing or facilitating a policy and standards lifecycle process, to include creation, updating, and sunsetting of technology policies and standards (control requirements) in a large bank environment. You will work within a team of information security professionals responsible for facilitating the development and implementation of technology policies, standards, and framework documents, as well as facilitate impact assessments against these control requirements and assist with the identification and management of interdependencies between a typical policy/standards module and other various GRC solutions (i.e., risk assessments, issues management, etc.). Experience implementing governance documents in a GRC environment (Archer, OpenPages, Thomson Reuters, etc.), preferred. Example day-to-day duties include, preparing artifacts and work-back schedules, scheduling and leading meetings, maintaining and updating tools, templates and artifacts, leading discussions with key risk and control partners, soliticing content owner approvals, and preparation of changes summaries and communications.

Here are the essential responsibilities of this position:

  • Lead the lifecycle management of a portfolio of Frameworks, Policies or Standards, to include leading key stakeholders through the creation, maintenance or retirement of key governed artifacts.
  • Contribute to on-going program status reporting to regularly measure lifecycle management program effectiveness.
  • Contribute to the review of internal processes and activities and assist in identifying potential opportunities for improvement.
  • Establish and maintain documentation to further drive a repeatable, consistent and defensible process and program.
  • Adhere to internal policies and procedures, technology control standards, and applicable regulatory guidelines.
  • Influence behavior to reduce risk and foster a strong technology risk management culture within team and across stakeholders.
  • Bring a strong understanding of pertinent legal, regulatory, risk and governance landscape.
  • Demonstrate excellent judgment and ability to effectively escalate issues & concerns quickly and to appropriate leaders and control areas.
  • Build strong, effective relationships with risk and control partners, enabling speed of decision making and facilitating transparent and timely communication of key information and potential risks.
  • Manage or support the effective and timely resolution of any issues identified during the normal course of business.
  • Understand applicable TD risk programs and how they affect the aligned portfolio.


What can you bring to TD? Share your credentials, but your relevant experience and knowledge can be just as likely to get our attention. It helps if you have:

  • University Degree.
  • Information Security Certification / Accreditation an asset.
  • 7+ years of relevant experience.
  • Expert knowledge of IT security and risk disciplines and practices.
  • Advanced knowledge of of organization, technology controls, security and risk issues.
  • Demonstrated ability to participate in complex, comprehensive or large projects and initiatives.
  • Ability to serve as a lead expert resource in technology controls and information security for project teams, the business, organization and outside vendors.

Additional Information

Join in on what others in TD Technology Solutions are doing:

  • Inspire a positive work environment and help champion quality, innovation, teamwork and service to the business.
  • Learn voraciously, stretch your thinking,




At TD, we are committed to fostering an inclusive, accessible environment, where all employees and customers feel valued, respected and supported. We are dedicated to building a workforce that reflects the diversity of our customers and communities in which we live and serve. If you require an accommodation for the recruitment/interview process (including alternate formats of materials, or accessible meeting rooms or other accommodation), please let us know and we will work with you to meet your needs.


Level of education


Work experience (years)


Written languages


Spoken languages