Engineer II Cloud (security And AI Test Automation Engineer) B3617

Cloud Security And Ai Test Engineer

Work Location: Toronto, Ontario, Canada

Hours: 37.5

Line of Business: Technology Solutions

Pay Details: $114,000 - $136,800 CAD. This role is temporarily eligible for a pay premium above the posted salary range that is reassessed annually. You are encouraged to have an open dialogue with your recruiter who can provide more specific pay details for this role.

TD is committed to providing fair and equitable compensation opportunities to all colleagues. Growth opportunities and skill development are defining features of the colleague experience at TD. Our compensation policies and practices have been designed to allow colleagues to progress through the salary range over time as they progress in their role. The base pay actually offered may vary based upon the candidate's skills and experience, job-related knowledge, geographic location, and other specific business and organizational needs.

As a candidate, you are encouraged to ask compensation related questions and have an open dialogue with your recruiter who can provide you more specific details for this role.

Job Description: We are looking for a detail-oriented Cloud Security and AI Test Engineers to join our team. This individual will focus on automating and validating Compliance-as-Code (CaC) policies across multi cloud environments including GCP, Azure and AWS. In this role you will blend your expertise in cloud security with advanced AI tools to enhance compliance, security and test automation, ensuring continuous validation within multi cloud environments.

Key Responsibilities:

Automated Testing For Cloud Policies

Design, develop, implement and maintain AI-driven automated test frameworks for the behavior of existing compliance as a code policy across cloud environments (GCP/AWS/Azure) in alignment with banking regulations.

Implement AI- driven test environments using Azure Foundry and Azure ML to create realistic, mock cloud setups, including network and IAM configurations to simulate and test policies effectively

Utilize Azure AI Search, Azure OpenAI, and Azure Machine learning to build intelligent validation routines that can predict policy compliance issues and recommend remediation steps

Develop comprehensive positive negative and edge exception test cases to validate policy enforcement logic.

Maintain a test suite library and ensure traceability between compliance requirements validation cases and artifacts

Collaborate with CaC policy developers and security architects and Cloud Service Owners to understand intended behavior and failure conditions

Continuous Testing & Ci/cd Integration

Integrate AI- assisted compliance validation into CI/CD pipelines GitHub actions GitHub workflows using GitHub Copilot for scripting efficiencies and M365 Copilot studio for creating streamlined policy validation templates

Automate security scanning and validation of terraform deployments with Python

Validate the enforcement of banking cloud security policies by embedding automated compliance checks into DevSecOps workflows and actions.

Cloud Security And Regulatory Compliance Enforcement

Work closely with security, DevSecOps teams, and Cloud Compliance governance teams to define and enforce cloud security controls in accordance with regulatory mandates.

Validate cloud resource configurations against financial industry standards, (NIST, ISO 27001, SOC 2)

Reporting & Audit Readiness

Implement/test logging and monitoring solutions to detect compliance violations in real time.

Automate/validate the generation of compliance reports and dashboards using tools like SonarQube, Wiz.IO, Splunk, Dynatrace, AppOmni

Ensure that all TD Standards & STIG requirements for IAAS, PaaS, SaaS CaC development, and testing activities are traceable and auditable for internal risk assessments and external regulatory audits.

Required Skills and Experience:

Strong Knowledge of GCP, Azure, AWS.

4+ years in Cloud Security, DevSecOps, AI or Cloud Engineering roles.

Cloud Infrastructure as a Code - Experience with Terraform, Helm, ARM, JSON, YAML, REGO

Compliance as Code (CaC)- Hands on experience with HashiCorp Sentinel, Azure policy, Wiz policy, GCP Org policy and Open Policy Agent, Kubernetes

CI/CD Pipelines- Experience with GitHub actions, Jenkins, Terraform, HashiCorp Vault, Nexus

AI Tools - Experience Azure Open AI, Azure Content Safety, Azure Foundry, Azure AI Builder, GitHub Copilot, M365 Copilot Studio, and AML

Scripting and Automation- Proficiency in Python, Bash, PowerShell, and automate testing framework.

Cloud Security & Compliance – Understanding of CIS benchmarks, NIST standards and security frameworks.

Preferred Qualifications:

Specifications; Azure fundamentals certification Azure security engineer associate, GCP fundamentals certification

Experience with multi cloud security testing GCP, Azure and AWS

Experience with Container security and Kubernetes policy enforcement

Education:

Computer Engineering, Software Engineering, Computer Science, Data Science (BS/MS)

Information security certification / accreditation an asset

Cloud & AI certifications

4+ years of relevant experience