Senior Information Security Analyst ( Crypto Operation Support)

Enterprise Protect - Crypto Operation Support

The Enterprise Protect - Crypto Operation team serves as a vital service availability department dedicated to offering expert cryptography support for various applications and web services across multiple environments and platforms as well as infrastructure support. With a primary focus on SSL/TLS certificate lifecycle management and Encryption Tool Support, the team ensures the implementation of standard IT security protocols. Additionally, the team plays a crucial role in incident and change management, contributing to effective problem resolution and enforcing compliance with information security standards. Collaborating with internal and external auditors, as well as other teams at TD Bank, we support wide-ranging projects and partnerships to enhance the bank's security posture.

A Crypto Operation Support role is crucial for ensuring the smooth functioning of security protocols across various systems. This position involves providing expert technical support, specifically in managing SSL/TLS certificate renewals, supporting infrastructure of lifecycle management and Encryption Tools our team manages. It requires coordination of incident and change management processes, including yearly renewals, DR tests, maintenance changes, datacenter visits, onboarding request fulfillments, and other support requirements. Professionals in this role should have a diverse skill set encompassing Public Key Infrastructure (PKI) enablement, data encryption and encryption tools and appliances, and application support, along with knowledge in tools monitoring, middleware, databases, storage, and network systems on cross platform.

Understanding IT security and risk management offers a significant benefit, particularly when backed by appropriate training and certifications. Proficient grasp of how companies oversee technology controls security measures and risk management issues underscoring the critical nature of being well-versed in these aspects to maintain safety and efficiency in our organization. Comprehending the risks associated with production deployment is essential to ensure secure onboarding and support procedures. This includes reviewing intake, fulfilling documentation needs, monitoring readiness and completeness, and following change management protocols that are established for effective promotions. Enthusiasm for participating in complex broad-ranging or significant projects and initiatives. Provides expertise as a lead resource in technology controls and information security for project teams the organization and associated vendors. Skilled in creating presentations and compiling reports designed for Senior Management and high-ranking executives. Highly skilled and knowledgeable in utilizing a diverse array of advanced tools and resources specifically designed for the effective protection of sensitive information, with a strong focus on data security protocols and comprehensive encryption management practices. Possesses extensive knowledge in the implementation and management of multiple encryption methods and technologies designed to protect confidential information. Established expertise in the principles of implementing and managing Public Key Infrastructure (PKI) for secure communication and authentication alongside substantial experience with contemporary Certificate Lifecycle Management tools. Experience with industry-standard request management software is a major advantage for streamlining workflow and tracking issues effectively. Proficiency in these tools improves request management and enhances team communication. Additionally, familiarity with this software allows for better data analysis, identification of bottlenecks, and implementation of solutions, boosting productivity and operational flow. Oversee, monitor, enforce enterprise frameworks and methodologies that relate to technology controls / information security activities. Understanding Incident Management and Take part in examining Information Security Incidents and creating methods for remediation and prevention. Identify and suggest ways to improve productivity, efficiency, and the effectiveness of current processes, particularly regarding their operational workflows. A strong understanding of cross-platform systems and familiarity with different operating systems is essential because their unique characteristics enhance a comprehensive technical ability to assist with various platforms and technologies. A solid understanding and familiarity with industry-leading cloud platforms are valuable assets for effectively leveraging scalable, robust, and efficient cloud-based solutions that can adapt to varying business needs and demands, ensuring optimal performance and resource utilization. The ability to effectively adjust and accommodate to non-traditional work hours, which may include evenings, weekends, and holidays, to assist with deployment activities and participate in an on-call rotation. This support can be provided both remotely, utilizing digital communication tools, and on-site, when necessary, to ensure that operations run smoothly, and that immediate assistance can be rendered as required.

Having a strong understanding of IT security and risk management, along with relevant training and certifications, is an asset. Advanced knowledge of organization, technology controls / security/ risk issues Acts as a lead expert resource in technology controls / information security for project teams, the business / organization and/or outside vendors Proficient in delivering presentations and generating reports for Senior Management and higher-level executives. Proficiency in the protocols for managing Enterprise Change, Incidents and Problems, particularly through the utilization of the Service Now Platform, represents a significant advantage. Well-versed in the administrative intricacies of CipherTrust, Vormetric, and PGP tools concerning data security and encryption management. Experience with Venafi and other Certificate Lifecycle Management (CLM) tools is an asset. Demonstrated ability in Public Key Infrastructure (PKI) principles, implementation, and management for secure communication and authentication. Possesses comprehensive experience in the implementation and management of various encryption methodologies and technologies to safeguard sensitive data. Proficient in the use and management of Hardware Security Module (HSM) tools for enhanced security protocols. Experienced with ServiceNow and JIRA platforms are considered an asset for efficient workflow management and issue tracking. Knowledge of cross-platform environments and diverse operating systems is an asset with Windows and Linux OS with their nuances, contributing to versatile technical proficiency. Possesses a strong understanding of various Linux distributions, with knowledge of Red Hat being an asset for server management and operations. Knowledge of Windows Server environments and administration is an asset for managing and maintaining Microsoft-based infrastructure. Familiarity with Microsoft Azure and other cloud platforms is an asset for leveraging scalable and efficient cloud-based solutions. Capacity to adapt to unconventional work schedules to support deployment and on call rotation support. Capable of undertaking travel to conduct maintenance and deployment operations within data centers