Job Specifications
Work Location:
Toronto, Ontario, Canada
Hours
37.5
Line Of Business
Technology Solutions
Pay Details
$91,200 - $136,800 CAD
This role is eligible for a discretionary variable compensation award that considers business and individual performance.
TD is committed to providing fair and equitable compensation opportunities to all colleagues. Growth opportunities and skill development are defining features of the colleague experience at TD. Our compensation policies and practices have been designed to allow colleagues to progress through the salary range over time as they progress in their role. The base pay actually offered may vary based upon the candidate's skills and experience, job-related knowledge, geographic location, and other specific business and organizational needs.
As a candidate, you are encouraged to ask compensation related questions and have an open dialogue with your recruiter who can provide you more specific details for this role.
Job Description
We are looking for a detailed-oriented Cloud Security Engineer to join our team. This individual will focus on automating and validating compliance as code (CaC) policies across multi cloud environments including GCP, Azure and AWS. This role involves creating and implementing automated test cases to ensure these policies function as intended.
The engineer will integrate these tests into GitHub based CI CD pipelines using GitHub workflows and GitHub actions and leverage Terraform, Python, PowerShell
Key Responsibilities
Automated testing for cloud policies
Design, develop, implement and maintain automated test frameworks for the behavior of existing compliance as a code policy across cloud environments (GCP/AWS/Azure) in alignment with banking regulations.
Develop comprehensive positive negative and edge exception test cases to validate policy enforcement logic.
Build automated test pipelines integrated with CI CD workflows to ensure continuous validation of CAC changes
Collaborate with CaC policy developers and security architects and Cloud Service Owners to understand intended behavior and failure conditions
Implement mock cloud environments/services/IAM for to simulate realistic scenarios for policy testing
Maintain a test suite library and ensure traceability between compliance requirements validation cases and artifacts
Continuous testing & CI/CD integration
Integrate compliance validation tests into CI CD pipelines GitHub actions GitHub workflows and terraform to enforce continuous compliance checks before deployment.
Automate security scanning and validation of terraform deployments with PowerShell, and Python
Validate the enforcement of banking cloud security policies by embedding automated compliance checks into DevSecOps workflows and actions.
Cloud Security and Regulatory Compliance enforcement
Work closely with Banking security, DevSecOps teams, and Cloud Compliance governance teams to define and enforce cloud security controls in accordance with regulatory mandates.
Validate cloud resource configurations against financial industry standards, (NIST, ISO 27001, SOC 2)
Reporting & Audit Readiness
Implement/test logging and monitoring solutions to detect compliance violations in real time.
Automate/validate the generation of compliance reports and dashboards using tools like SonarQube, Wiz.IO, Splunk
Ensure that all TD Standards & STIG requirements for IAAS, PaaS, SaaS CaC development, and testing activities are traceable and auditable for internal risk assessments and external regulatory audits.
Required Skills And Experience
Strong Knowlege of GCP, Azure, AWS.
4+ years in Cloud Security, DevSecOps, or Cloud Engineering roles.
Cloud infrastructure as a code - experience with Terraform, Helm, ARM, JSON, YAML
Compliance as Code (CaC)- Hands on experience with HashiCorp Sentinel, Azure policy, Wiz policy, GCP Org policy and Open Policy Agent, Kubernetes
CI/CD Pipelines- Experience with GitHub actions, Jenkins
Scripting and Automation- Proficiency in Python, Bash, Go, PowerShell, terraform and automate testing framework.
Cloud Security & Compliance – Understanding of CIS benchmarks, NIST standards and security frameworks.
Preferred Qualifications
Specifications; Azure fundamentals certification Azure security engineer associate, GCP fundamentals certification
Experience with multi cloud security testing GCP, Azure and AWS
Experience with Container security and Kubernetes policy enforcement
Education
University degree
Information security certification / accreditation an asset
5+ years of relevant experience
Why join us?
Work on cutting edge cloud security and compliance automation.
Be part of a DEV SEC OPS driven culture with CI CD integrated security testing
Collaborate with global teams to secure multi-cloud environments.
Who We Are
TD is one of the world's leading global financial institutions and is the fifth largest bank in North America by branches/stores. Every day, we deliver legendary custome
About the Company
As a leading corporate and investment bank, TD Securities offers a wide range of integrated capital markets products and services. Our corporate, government, and institutional clients choose us for our innovation, execution, and experience. With 7,000 professionals operating out of more than 30 cities across the globe, we help clients meet their needs today and prepare for tomorrow. Our services include underwriting and distributing new issues, providing trusted advice and industry-leading insight, extending access to global...
Know more