Engineer II – Enterprise SIEM – Splunk

Job Title Engineer II – Enterprise SIEM – Splunk & GCP Work Location Toronto, Ontario, Canada Hours 37.5 hours per week Line Of Business Technology Solutions Pay Details Base salary: $91,200 - $136,800 CAD per year. Temporary market premium reassessed annually. Overview TD Enterprise Protect Analytics Engineering Team is responsible for managing the bank’s cyber security logging and monitoring systems, providing technical guidance and direction. Building a World-Class, Diverse and Inclusive Technology Team at TD, the team manages the bank’s cyber security logging and monitoring systems, including Cribl Log Stream, Splunk Enterprise Security, Microsoft Sentinel and Google Cloud Platform logging infrastructure. Responsibilities Provide senior technical guidance and perform implementation, administration, and maintenance tasks on Splunk enterprise Platform, Microsoft Sentinel and Google Cloud Platform logging infrastructure. Work with the Senior Manager to plan strategic roadmap for analytics technologies in coordination with the business aspects of security engineering and Cyber Threat Management teams. Contribute to the strategic roadmap for TD enterprise SIEM to meet business needs/requirements. Provide L3 support when needed by the L2 teams. Ensure capacity and currency uplifts are planned and executed within desired timelines. Promote and drive automation opportunities when and where possible. Develop the skills to support Engineering tasks related to the Google Cloud and other Public Cloud initiatives. Adhere to internal policies and procedures, technology control standards, and applicable regulatory guidelines. Influence behavior to reduce risk and foster a strong technology risk management culture throughout the enterprise. Requirements University or Post-Graduate Degree 8 years+ relevant information technology and security engineering experience Subject matter expert knowledge and experience in administering Splunk enterprise platform, Microsoft sentinel and Google cloud log infrastructure. Expert knowledge of onboarding Google cloud logs to SIEM. Verifiable operational experience in administrating an enterprise SIEM platform in a large organization. Expert knowledge of IT security, risk disciplines and practices, with solid understanding of cloud security. Advanced and highly specialized knowledge of business applications, systems, networks, innovation, design activities, best practices, overall business, standards. Strong partnership skills to ensure collaboration across a team and other lines of business as part of control execution. Excellent written and oral communications skills and ability to articulate and present information to senior executives, peers, all levels of technical staff, and stakeholders. Ability to work autonomously as the engineering specialist on high-profile, complex and/or high-risk security analytics technology initiatives. Technical leadership and consulting prowess when it comes to directing larger teams on new initiatives. Certifications Security certification required (CISSP, CCSP, CompTIA Security+, etc) Splunk admin or architecture certification is an advantage. Google Cloud security certification is an advantage. Azure security Engineer certification is beneficial. Benefits TD offers a total rewards package that includes a base salary, variable compensation, health and well-being benefits, savings and retirement programs, paid time off, banking benefits and discounts, career development and recognition programs. Learn more on our benefits page. Equal Opportunity Employer TD is an equal opportunity employer. We encourage candidates from all backgrounds to apply. All employment decisions are made without regard to race, color, religion, sex, gender identity, gender expression, sexual orientation, age, national origin, veteran status, disability status, or any protected characteristic in accordance with applicable laws. #J-18808-Ljbffr