מציאת משרת הייטק בחברות הטובות ביותר מעולם לא הייתה קלה יותר
Td Bank Information Security Specialist Container Vulnerability Management Canada, Ontario, Toronto 490646732
Job Description:
About This Role:
As a Container Vulnerability Management Specialist at TD Bank, you will develop and implement technology controls and policies to ensure that the application containers are built and deployed securely. You will focus on enabling TD teams and leaders to understand security risks, coming from vulnerabilities in containers. Working closely with our partners in development experience and DevOps verticals, you will identify gaps in current processes and tooling, enforce standards and policies and track vulnerability remediation to mitigate risks. You will have an opportunity to present various reports, analyses, and assessment to the functional, business and enterprise-level audiences.
To succeed in this position, you will need to have a strong technical expertise in the world of containers that includes technologies such as Docker, Kubernetes, Red Hat OpenShift, Wiz and any of the cloud platforms (Azure and GCP preferred).
Responsibilities:
- Provide technical expertise and oversight for container scanning, container vulnerability prioritization, and remediation.
- Be a lead contributor to enterprise-level initiatives pertaining to container security and risk remediation.
- Effectively communicate critical vulnerabilities, their impacts, associated risk, and remediation priorities to cross-functional leadership teams.
- Help build and enforce technology controls, along with container security standards to ensure best practices are followed, when building and deploying application containers.
- Influence behavior to reduce risk and foster a strong technology risk management culture throughout the bank.
- Be a people manager, who embodies TD values and provides much-needed support for their direct report(s) to grow and produce impactful outcomes in container space.
Job Requirements:
Must-haves
- Bachelor's or Master's degree
- 5+ years of experience in information security or product security
- Strong technical expertise with Docker, Kubernetes, platforms such as Azure Kubernetes Service (AKS) or RedHat OpenShift, container registries such as Azure Container Registry (ACR), Sonatype Nexus.
- Experience with container scanning tools such as Aqua Security, Prisma, Wiz.
- Experience with the vulnerability management lifecycle, including identifying, assessing, mitigating, and reporting security vulnerabilities.
- Working knowledge of information security concepts, such as Common Vulnerabilities and Exposures (CVEs), Common Weakness Enumeration (CWEs), risk treatment and remediation tracking strategies.
- Familiarity with ServiceNow Vulnerability Response module(s).
- Familiarity with Azure or GCP cloud and cloud security.
- Demonstrated ability to participate in complex, comprehensive or large projects and initiatives.
- Ability to serve as a lead expert resource in technology controls and information security for project teams, the business, organization, and outside vendors.
- Ability to work independently without supervision; demonstrated ability to manage and deliver multiple tasks and job responsibilities.
- Strong written communication and organizational skills.
Nice-to-haves
- Development experience in cloud environment (preferably, Python)
- Familiarity or DevOps experience with writing Dockerfiles, building container images, deploying, and managing containers.
- Prior people management experience
Please be advised that this job opportunity is subject to provincial regulation for employment purposes. It is imperative to acknowledge that each province or territory within the jurisdiction of Canada may have its own set of regulations, requirements.
If you’re interested in a specific career path or are looking to build certain skills, we want to help you succeed. You’ll have regular career, development, and performance conversations with your manager, as well as access to an online learning platform and a variety of mentoring programs to help you unlock future opportunities. Whether you have a passion for helping customers and want to expand your experience, or you want to coach and inspire your colleagues, there are many different career paths within our organization at TD – and we’re committed to helping you identify opportunities that support your goals.
We will provide training and onboarding sessions to ensure that you’ve got everything you need to succeed in your new role.
משרות נוספות שיכולות לעניין אותך
