Manager, Cyber-Fraud Incident Management
Toronto, Ontario, Canada
8h ago

Job Description

The role of Manager, Cyber-Fraud Incident Management is responsible for cyber-fraud threat prevention, incident management and response.

Serving as a key subject matter expert (SME) within the Protect Platform, this position works with a team of cyber-fraud incident specialists and managers to manage and mitigate cyber-fraud risk.

This role is part of a fast-paced team of experts that identifies, investigates, disrupts, and prevents account-level attacks targeting the global digital properties of TD.

This will be achieved by drawing upon deep knowledge of incident management, digital fraud, risk-based authentication, bot mitigation and identity proofing.

Using threat detection, analysis, correlation capabilities and tools, this role supports the development of a comprehensive picture of the short to long term cyber-fraud threat landscape and is expected to support in designing controls, practices and solutions to prevent, detect and mitigate these threats and events.

This role works closely with team members across the Cyber-Fraud and broader Protect Platform team.

Job Requirements

  • The incumbent should possess strong experience in cyber security and / or cyber enabled fraud, with strong expertise in a combination of incident management, digital identity proofing;
  • risk-based authentication and authentication logic flaws; bot-mitigation; and security information and event management tools.

    The incumbent must demonstrate a history of positive outcomes in advocacy work with a cross-functional executive audience.

    They must maintain the highest professional standards regarding personal conduct while performing work and must possess the ability to communicate complex information, concepts, and ideas in a confident, well organized, and succinct manner.

    Responsibilities / Accountabilities :

  • Provide incident management response and support on a 24 / 7 basis (or as needed) from triage through to containment and remediation
  • Ability to provide leadership and technical guidance on related major incident conference calls
  • Lead or participate in post incident reviews to ensure continuous learning and identify recurring themes across multiple incidents that may require dedicated attention
  • Through thorough incident analysis, identify and propose solutions to reduce our attack surface and exposure to cyber-fraud incidents targeting TD's global infrastructure including but not limited to online and mobile banking and investment, insurance, and loyalty web-applications and other customer and non-customer facing platforms
  • Rapid response, analysis, recommendations associated with third-party data compromise events that have a direct effect on TD customer digital authentication
  • Produce and maintain incident documentation in various formats including incident chronology, stakeholder status updates, executive briefing notes, and post-incident reports
  • Act as a leader within the team and provide coaching and support to the Cyber-Fraud Analysts, ensuring quality and efficiency for event and incident activities and appropriate documentation
  • Meet with peers and the broader team on a regular basis to present results and action plans related to problem management activities and regulatory requirements
  • Facilitate meetings with and provide communications to internal business groups including CISO, Fusion, Digital, Legal, Privacy, ORM, and FRM and executives throughout incident and problem lifecycle
  • Contribute to the advancement of incident management capabilities
  • Ensure that identified problems are referred to an appropriate problem management team or process and participate in required advocacy
  • Ability to collect and document business requirements related to cyber-fraud projects and initiatives
  • Ability to convey business and data requirements to support automation of existing manual analysis
  • Conduct retrospective analysis framework to deepen understanding around existing and emerging attack modalities
  • Supports Cyber Fusion strategic initiatives including investigations and risk-assessment, testing, and solutioning activities
  • Supports the expansion of incident management model across other functional teams (including North American Fraud Operations)

    Additional Information

    Additional Information

  • Working knowledge of ITIL V4 Service Management Framework with specialization on Incident and Problem Management processes (Foundation certification preferred)
  • Related industry certification is an asset (preferred CISSP, CISM)
  • Preferred computer sciences degree or equivalent experience
  • Preferred incident handler / manager certification (ex. GCIH)
  • tdcybersecurity

    Report this job

    Thank you for reporting this job!

    Your feedback will help us improve the quality of our services.

    My Email
    By clicking on "Continue", I give neuvoo consent to process my data and to send me email alerts, as detailed in neuvoo's Privacy Policy . I may withdraw my consent or unsubscribe at any time.
    Application form