Job Specifications
Work Location:
Toronto, Ontario, Canada
Hours
35
Line Of Business
Technology Solutions
Pay Details
$149,500 - $177,000 CAD
This role is temporarily eligible for a pay premium above the posted salary range that is reassessed annually. You are encouraged to have an open dialogue with your recruiter who can provide more specific pay details for this role.
TD is committed to providing fair and equitable compensation opportunities to all colleagues. Growth opportunities and skill development are defining features of the colleague experience at TD. Our compensation policies and practices have been designed to allow colleagues to progress through the salary range over time as they progress in their role. The base pay actually offered may vary based upon the candidate's skills and experience, job-related knowledge, geographic location, and other specific business and organizational needs.
As a candidate, you are encouraged to ask compensation related questions and have an open dialogue with your recruiter who can provide you more specific details for this role.
Job Description
Job Description:
The Senior Manager - Principal AI Vulnerability Specialist - is responsible in a lead capacity to establishing and running a Bank wide capability to identify, assess, and prioritize vulnerabilities unique to AI models.
Effective vulnerability management is essential for maintaining the security of AI systems throughout their lifecycle. This role is responsible for developing processes that enable the continuous identification, classification, and remediation of vulnerabilities in AI models. By implementing a proactive approach, the Senior Manager ensures that potential threats are addressed before they can impact business operations, allowing the organization to maintain a robust risk posture.
Lead AI security by deploying tools like Hidden Layer or Protect AI to scan models, integrate vulnerabilities into ServiceNow VR or equivalent reporting systems, and ensure end-to-end tracking, assignment, prioritization, and risk scoring. Responsibilities include standardizing findings, adding impact context, and automating ingestion, triage, and reporting for improved coverage, faster vulnerability resolution, and increased automation. This role also heads AI Penetration testing, handling comprehensive assessments and communicating results to business stakeholders.
Preferred Qualifications
Demonstrated success in building and leading AI vulnerability management programs, including assessment, prioritization, and remediation governance.
Strong grasp of AI lifecycle security, from data collection, model training, to deployment and monitoring in production environments.
Familiarity with model architecture, data pipelines, and ML frameworks (TensorFlow, PyTorch, Scikit-learn).
Familiarity with securing AI workloads in AWS Sagemaker, Azure AI, or GCP Vertex AI environments.
Expert in applying specialized AI vulnerability scanning tools to detect model‑specific risks, analyze findings, and drive accurate prioritization frameworks
Skilled in integrating model vulnerability data into ServiceNow Vulnerability Response (VR) and other SecOps modules.
Working knowledge of NIST AI RMF, OWASP Top 10 for LLMs, and MITRE ATLAS for identifying and mitigating AI-related risks.
Ability to apply risk scoring to AI vulnerabilities based on exploitability, business impact, and model criticality.
Capable of quantifying AI model risks and communicating which vulnerabilities matter most to leadership.
Familiarity with financial services industry regulations and standards (e.g., FFIEC, GLBA, GDPR, PCI DSS, NYDFS Cybersecurity Regulation).
Awareness of emerging AI threats, adversarial attacks, and evolving regulatory requirements.
CI/CD for AI: Knowledge of how to integrate static and dynamic scans into the machine learning pipeline (e.g., scanning for vulnerable Python libraries or model weights).
Model Provenance & AIBOM: Managing an AI Bill of Materials (AIBOM) to track the lineage of models, datasets, and third-party dependencies.
Adversarial Attacks: Technical knowledge of evasion attacks (perturbations that fool a model) and extraction attacks (stealing the model or its training data).
Red Teaming Orchestration: Ability to define the scope for AI red teams, focusing on hallucination testing, jailbreaking, and bias detection.
Automated Security Testing: Proficiency with tools like Giskard, Garak, or Microsoft’s PyRIT to automate the discovery of vulnerabilities in LLMs.
Vulnerability Telemetry: Ability to use SQL or data visualization tools (Tableau/PowerBI) to create dashboards that track Mean Time to Remediation (MTTR) for AI-specific flaws.
Cloud AI Environments: Expertise in securing AI-specific services in AWS (SageMaker), Azure (Azure AI), or Google Cloud (Vertex AI).
Translates complex AI risks into clear, actionable insights for executive stakeholders, ensuring alignment with risk appetite and strategic business direction
Commitmen