AVP, Business Information Security Officer (US)

Work Location:
Mount Laurel, New Jersey, United States of America

Hours:
40

Pay Details:
$200,000 - $280,000 USD

TD is committed to providing fair and equitable compensation opportunities to all colleagues. Growth opportunities and skill development are defining features of the colleague experience at TD. Our compensation policies and practices have been designed to allow colleagues to progress through the salary range over time as they progress in their role. The base pay actually offered may vary based upon the candidate's skills and experience, job-related knowledge, geographic location, and other specific business and organizational needs.

As a candidate, you are encouraged to ask compensation related questions and have an open dialogue with your recruiter who can provide you more specific details for this role.

• Builds, develops and sustains a team of professionals responsible for interacting with and supporting each of the major TDBFG business segments; This team will develop and maintain relationships with key business leaders and other stakeholders internal and external to the organization to ensure a high positive public profile for TDBFG.
• Responsible for the team of business segment support resources; Works with peers within TRMIS who are responsible for Governance, Regulatory Reporting, Threat/Vulnerability/Incidents, Project Management, and Access Management
• Develops a Center of Excellence orientation/approach that allows Technology Risk Management best practices to be shared across the enterprise; Provides strategic insight, advice and counsel on security-based strategy work across the business lines, ensuring appropriate risk/control frameworks and technology governance methodologies are in place, and that TDBFG policies are being adhered to
• Provides guidance and/or consulting service to technology/business partners on key technology initiatives and provides expertise in the areas of Computer Forensic Services, Incident Response Management, Vulnerability Management & Reporting and Managed Security Services
• Develops on-going Technology Risk reporting, monitors key trends and/or breaches and works with executive management to help assess/identify and address key issues and escalate to appropriate levels and relevant stakeholders where required
• Keeps abreast of emerging issues, trends, and evolving technology regulatory requirements and assesses potential impacts to the Bank and ensures business risks for applications are defined across each line of business, and the technology risk/control framework is in place, monitored, tested and reported on regularly
• Works in partnership with the business lines to address technology based audit findings and issues and ensure programs are in place to comply with federal and industry based regulations as they apply to technology controls across TDBFG
• Ensures outsourcing partners adhere to TDBFG security policies and standards, by establishing oversight controls, and by ensuring risk has been mitigated to protect the Bank
• Oversees the development of system security awareness and communication training programs across the enterprise to ensure alignment with the overall Technology strategy and compliance to regulatory and/or established Bank system security standards
• Ensures effective development practices are in place to keep team current with emerging technology advancements/trends, and regulations to support business needs and leverage a highly capable management team, actively developing and deploying talent across the business
• Builds for the future and provides people leadership; oversees people plans and strategies to attract, motivate and retain a highly diverse, qualified and engaged human resource base to fulfill current and future business needs
• Ensures that business operations are in compliance with applicable internal and external requirements (e.g. financial controls, segregation of duties, transaction approvals, and physical control of assets)
• Delivers an effective IT program to work with external regulators, internal and external auditors, Legal, Compliance and Risk Management groups to ensure appropriate oversight of regulatory risk; Provides subject matter expertise on IT regulatory controls, keeping apprised of new regulatory mandates and guidance
• Works closely with key business leaders to optimize TDBFG's resources and leverage TD's operating model to maximize efficiency, effectiveness and scale
• Delivers an effective risk management program through the implementation of a structured risk and control framework, and by effectively managing technology strategies associated with control deficiencies; This would also include alignment of Audit based control findings with true business risk.

• Bachelor's degree required; Graduate degree preferred
• 10+ Years of cyber related experience
• Significant experience required in Technology Risk Management and Cyber security disciplines
• Certification in Risk Management / Cyber Security preferred
• 5+ years of control and RCSA experience
• Strong written and verbal communication skills
• Experience in change management related to the adoption of new business processes.
• Relevant work experience in technology with a broader understanding across multiple IT disciplines

• Demonstrated success supporting a major business needs, interacting effectively to determine requirements, define strategy and deliver solutions
• Substantial experience in technology risk management that includes expertise in the areas of operational risk management (ORM), Technology Risk and IS security; The ideal candidate possesses broader skills than a highly technical CISO; Likewise, the ideal candidate is likely more knowledgeable of technology issues than a pure ORM
• Possesses the leadership skills needed to work at this, and eventually at higher levels, within the TDBFG organization
• Experience within a high transaction, large/complex/matrix business environment; Financial services experience is ideal
• Has managed a multi site team of at least 20 professionals/specialists
• Deep knowledge of IT security and Risk disciplines and practices
• Deep knowledge of the U.S. Regulatory landscape and impact to IT control governance
• Ability to make an impact and execute on key strategies
• Ability to articulate technology into business solutions
• Excellent client engagement/management skills
• Possesses exceptional strategic thinking, planning and relationship skills
• Ability to influence management and build credibility across the organization
• A proven collaborative and engaging leader who partners well with others; the individual will partner with divisional CIOs, business heads, vendors, auditors, Operational Risk teams, regulators and counterparts at other financial institutions
• Ability as a leader to influence change within a dynamic regulatory environment, and a focused expense management culture
• Highly motivated individual with a track record of successfully implementing large scale and globally sourced programs with superior results
• Outstanding people management, leadership and coaching skills
• Thrives in a fast paced environment, managing multiple deadlines and competing priorities
• Strong communicator, with excellent oral, written and presentation skills
• Proven ability to work with third party regulators