Information Security Specialist

Information Security Specialist - Vulnerability Management (Infrastructure & Containers) Location: Toronto, Ontario, CanadaHours: 37.5Line of Business: Technology SolutionsPay: $91,200 - $136,800 CAD Job Summary The Senior Information Security Analyst is responsible for identifying, assessing, prioritizing, and coordinating responses to security vulnerabilities within the organization’s systems, applications, and networks. This role requires a deep understanding of vulnerability management, risk assessment, and cross‑functional collaboration to ensure timely remediation and alignment with organizational security objectives. Key Responsibilities Oversee end‑to‑end vulnerability triage, including identification, assessment, prioritization, and tracking. Develop and maintain a triage framework that balances risk levels, exploitability, and business impact. Analyze vulnerability reports from scanners, penetration tests, and threat intelligence to determine criticality. Ensure vulnerabilities are accurately classified and assigned to the appropriate teams for remediation. Work closely with system owners, application teams, DevOps, and IT infrastructure to drive remediation. Act as a liaison between technical teams and business stakeholders to communicate risk and remediation priorities. Collaborate with threat intelligence teams to assess real‑world impact of vulnerabilities. Develop a risk‑based prioritization approach and establish remediation timelines based on severity and compliance. Implement and optimize workflows for triage and reporting; continuously refine policies and tools. Define and track KPIs such as MTTR and closure rates; create regular reports for leadership. Manage and mentor the triage team, providing training and guidance; foster a culture of security awareness. Provide technical oversight for container scanning, prioritization, and remediation; lead container security initiatives. Communicate critical vulnerabilities and remediation priorities to cross‑functional leadership. Help enforce container security standards and controls throughout the build and deployment process. Qualifications Education: Bachelor's degree in Computer Science, Information Security, or related field (or equivalent experience). Experience: 5+ years in vulnerability management, security operations, or related fields; 2+ years in a leadership or management role. Technical Skills: Expertise in vulnerability scanning tools (Qualys, Nessus, Rapid7); knowledge of CVSS and threat modeling; strong understanding of operating systems, cloud platforms, networks, and application security; familiarity with compliance frameworks (ISO 27001, NIST, PCI‑DSS). Soft Skills: Strong analytical and problem‑solving skills; excellent verbal and written communication; proven ability to manage multiple priorities and work under tight deadlines. Preferred Qualifications: Certifications such as CISSP, CISM, CEH, or GIAC; experience with threat intelligence platforms; familiarity with automation tools and scripting languages (Python, PowerShell). Our Total Rewards Package TD offers a comprehensive package including base salary, variable compensation, health and well‑being benefits, savings and retirement programs, paid time off, banking benefits, career development, and reward and recognition programs. Application Process We welcome applications from diverse backgrounds. Please submit your application via TD Careers. Contact HR for accommodations if needed. Equal Employment Opportunity TD Securities is an EEO employer and encourages applicants from all backgrounds. #J-18808-Ljbffr