34 Junior Security Consultant jobs in Toronto

Job Description

Job Description

Description

At CDW, we make it happen, together. Trust, connection, and commitment are at the heart of how we work together to deliver for our customers. It’s why we’re coworkers, not just employees. Coworkers who genuinely believe in supporting our customers and one another. We collectively forge our path forward with a level of commitment that speaks to who we are and where we’re headed. We’re proud to share our story and Make Amazing Happen at CDW.

Fueled by our shared passion and expertise, CDW delivers innovative technology solutions for our customers. We are also committed to fostering an environment that embraces collaboration, celebrates integrity, inclusivity, and individuality, and paves the path for personal and professional growth. Experience a life in balance and join us on the journey forward.  

Job Summary

The Managing Consultant performs ongoing client support for highly complex technical performance issues and ensures adherence to service level agreements and customer service excellence. Recommends process enhancements and drives efficiency by reducing average troubleshooting time, repetitive issues and problem service tickets. The Managing Consultant has specialized in at least one of three particular disciplines: Network Security, Information Security, and/or Endpoint Security; and brings an established repository of technical expertise to act as a Subject Matter Expert. The Managing Consultant leads process improvements, creates efficiencies and opportunities for improved workflow and automation. In addition, the Managing Consultant is required to build and manage client relationships as a Trusted Partner, making meaningful contributions to expand the relationship and build loyalty.

What you will do:

• Services Delivery – 50% job weight
  • Manages complex technical questions and ticket escalations and monitors system performance
  • Identifies and makes recommendations on technical deficiencies, service performance issues, product utilization, bugs, and enhancements
  • Recommends process improvements to drive efficiencies, reduction of the average time to trouble-shoot, and reducing false-positive alerts
  • Performs ongoing analysis and system testing of new system releases, upgrades, and/or patches to supported technologies
  • Embodies Trusted Advisor principles, including building trust and influencing loyalty with the client and internal coworkers.
  • Confidently runs Great Meetings, differentiating services per MSS positioning
  • Accountable for the delivery of quarterly, monthly meetings and tuning calls with assigned accounts
  • Handle technical account management responsibilities for assigned accounts
  • Helps improve the business, proactively engages when service is inconsistent, or risk is identified
  • Mentors team with technical advice / support
  • Identifies and manages out of scope requirements and facilitate the resolution
  • Builds and manages client relationship as a Trusted Partner
• Services Improvement and Enhancement - 40% job weight
  • Identifies and provides recommendations for technical deficiencies, service performance issues, product utilization, bugs, and enhancements
  • Accountable for executing on identified recommendations to improve client’s security posture
  • Develops reports and presentations; and provides technical knowledge transfer and analysis to clients on performance status, trends, and metrics in a specific area of discipline.
  • Recommends process enhancements and drives efficiency by reducing average time to trouble-shoot, repetitive issues and problem service tickets, reducing false-positives
  • Develops best practices, strategies, methodologies, business process documentation and templates to improve the business and align with financial targets
  • Develops new service definition and support the launch of new service offerings
  • Performs ongoing analysis and system testing of new system releases, upgrades, and/or patches in one or more specific technologies
  • Identifies and develops business process documentation to improve workflows and drive automation, creating efficiencies.
  •  Develops and improves Standard Operating Procedures (SOPs) and knowledge base articles
  • Conduct technical, procedural and incident handling knowledge transfer sessions
  • Carry out research on supported technologies and develop actionable threat advisory documentation
• Professional Development - 10% job weight
  • Develops Self-paced training content on supported technologies and processes
  • Maintains a strong network and promotes the organization at various meetings, forums, panels, publications, and conferences
  • Begins to establish thought leadership in the industry

What we expect of you:

• Bachelor's degree (B.A./B.S.) or 3-year diploma in Engineering, Computer Science, or a Technology related field and 7 years of security experience in a client-focused environment, and/or working in security operations center, and at least 2 years of experience leading projects and initiatives to improve and transform the business, OR
• 11 years total of Information Technology experience to include 7 years of security experience in a client-focused environment, and/or working in security operations center, and at least 2 years of experience leading projects and initiatives to improve and transform the business
• At least two technical advanced or expert level certifications in Managed Security Services disciplines, included but not limited to:
  • Check Point:  CCSE: Cisco;  CCNP Security, CyberOps Professional, CCIE Security; Palo Alto PCNSE, Cortex XDR-PMXdC; IBM QRadar Security: Administrator, Deployment Professional; SANS GCIA, GCIH, Splunk, CrowdStrike Falcon: CCCS, CCFR, CCFH, CCFA, CCIS; Exabeam: Advanced or Principal Implementation Engineer, Tenable VM Expert or similar technology certifications
• The position is part of a 7-day per week, 24-hour per day managed services operations. Must be available to work outside of the regular business hours which may include weekends and holidays.
• Excellent prioritization / and time management skills, including the ability to manage their time without supervision to focus on priorities and handle multiple tasks simultaneously.
• Experience designing, implementing, and supporting IT infrastructure and Information Systems Design or support involving hardware, software and services at an enterprise level for at least one discipline in the Managed Security Services portfolio
• Direct involvement in working with internal and external teams to implement and troubleshoot complex configuration hardware, software and services
• Experience presenting ideas and solutions to clients and adapting presentation style to fit particular client situations
• Demonstrated knowledge of company products and services, testing methodology, and system troubleshooting
• Demonstrated ability to investigate complex problems where analysis of situations or data requires an in- depth evaluation of variable factors from multiple IT infrastructure systems
• Demonstrated ability to establish positive working relationships and conduct complex and important work critical to the organization in a team, consulting environment
• Proven ability to select resolutions and techniques that meet technical requirements within the context of best practices, and make recommendations to achieve targeted objectives
• Clear, concise, and engaging communication and presentation skills in various settings.
• Collaborative problem-solving approach and mentorship ability.
• Proven ability to proactively step into team leadership roles and empower others to increase contribution and level of responsibility
• Consistently achieves high levels of customer satisfaction.
• Demonstrated ability to execute service delivery using productivity tools such as word processing, spreadsheet, diagram creation, presentation and email processing applications.

At CDW, we strive to offer market-competitive total rewards packages to attract and retain talent. As such, we are committed to  pay transparency and ensuring fair compensation for all our coworkers. Each of our roles is assigned a salary range that is informed by multiple sources of market data. We determine individual pay within a given range based on a candidate's prior experience, knowledge, skills and abilities. This approach allows us to offer competitive and equitable salaries that reflect the value and responsibilities of each role at CDW. Salaries are based on a 37.5-hour workweek, and paid on a bi-weekly payroll schedule.  

Pay range: $ 121,000.00 - $ 169,500.00, depending on experience and skill set 
 

About us   

We make technology work so people can do great things.   

CDW is a Fortune 500 technology solutions provider to business, government, education, and healthcare organizations across the globe. At CDW, we make it happen, together. Trust, connection and commitment are at the heart of how we work together to deliver for our customers. It’s why we’re coworkers, not just employees. Coworkers who genuinely believe in supporting our customers and one another. We collectively forge our path forward with a level of commitment that speaks to who we are and where we’re headed. We’re your long-term, full-stack, full-lifecycle technology partner. We have the experience, expertise, scale, relationships and deep industry knowledge to bring just about any vision to life. Together, we can deliver the full promise of what technology can do. Together, we Make Amazing Happen. 

All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.   

We make technology work so people can do great things.      

CDW is a leading multi-brand provider of information technology solutions to business, government, education and healthcare customers in the United States, the United Kingdom and Canada. A Fortune 500 company and member of the S&P 500 Index, CDW helps its customers to navigate an increasingly complex IT market and maximize return on their technology investments. Together, we unite. Together, we win. Together, we thrive.

CDW is an equal opportunity employer. All qualified applicants will receive consideration for employment without regards to race, color, religion, sex, sexual orientation, gender identity, national origin, disability status, protected veteran status or any other basis prohibited by state and local law. 

Security Consultant Intern, BS/MS, Summer 2026
_corporate_fare_ Google _place_ Toronto, ON, Canada _bar_chart_ Intern & Apprentice
_info_outline_
X
Please complete your application before **October 31st, 2025.**
Applications will be reviewed on a rolling basis and it's in a candidate's best interest to apply early.
Timing on when you can hear back will vary and can take upwards of 90+ days. If you haven't heard from us in three months about your application, we likely proceeded with other candidates for the role.
Participation in the internship program requires that you are located in Canada for the duration of the internship program.
This internship is intended for students in their penultimate academic year, who are pursuing a Bachelor's or Master's degree program in Computer Science, Information Security, or related technical field.
Google is a global company and, in order to facilitate efficient collaboration and communication globally, English proficiency is a requirement for this internship program.
To start the application process, you will need an updated CV or resume and a current unofficial or official transcript in English. Click on the "Apply" button on this page and provide the required materials in the appropriate sections (PDFs preferred):
1. In the "Resume Section:" attach an updated CV or resume.
2. **Please ensure you've listed your anticipated graduation date (in MM/YY)**
3. In the "Education Section:" attach a current or recent unofficial or official transcript in English.
4. Under "Degree Status," select "Now attending" to upload a transcript.
**Minimum qualifications:**
+ Currently pursuing a Bachelor's or Master's degree in Computer Science, Information Security, or related technical field
+ Experience in investigative or incident response environments
+ Experience in professional cyber security domains
**Preferred qualifications:**
+ Currently attending a degree program in Canada and available to work full time for 12 weeks outside of university term time
+ In their penultimate academic year or returning to a degree program after completion of the internship
+ Experience working in SOC analysis, malware research, threat hunting, or similar
+ Familiar with fundamentals of operating systems, including Linux, or OS X
**About the job**
We ensure the long-term success of our clients by providing talented, passionate, and specialized security expertise. Our Mandiant Security Consultants partner with clients to evaluate, create, develop, improve, and mature information security operations and programs. By utilizing the latest industry standards and combining experience and knowledge gained from Incident Response, Intelligence, and Managed Defense practices, we are able to develop defense forward information security programs for our clients.
Google is and always will be an developing company. We hire people with a broad set of technical skills who are ready to address some of technology's greatest challenges and make an impact on millions, if not billions, of users. At Google, developers not only revolutionize search, they routinely work on massive scalability and storage solutions, large-scale applications and entirely new platforms for developers around the world. From Google Ads to Chrome, Android to YouTube, Social to Local, Google developers are changing the world one technological achievement after another.
**Responsibilities**
+ Provide guidance on building and/or maturing cybersecurity programs and the implementation of tools and technologies used for enterprise security.
+ Evaluate client needs, coordinate design for a solution, and clearly communicate the value proposition of complex and highly technical subjects.
+ Implement and/or assess existing security controls.
+ Interface with clients to address concerns, issues, or escalations. Track and drive to closure any issues that impact the service and its value to clients.
+ Engage and collaborate with client stakeholders and other groups within customer environment to drive resolution for security issues.
Information collected and processed as part of your Google Careers profile, and any job applications you choose to submit is subject to Google'sApplicant and Candidate Privacy Policy (./privacy-policy) .
Google is proud to be an equal opportunity and affirmative action employer. We are committed to building a workforce that is representative of the users we serve, creating a culture of belonging, and providing an equal employment opportunity regardless of race, creed, color, religion, gender, sexual orientation, gender identity/expression, national origin, disability, age, genetic information, veteran status, marital status, pregnancy or related condition (including breastfeeding), expecting or parents-to-be, criminal histories consistent with legal requirements, or any other basis protected by law. See alsoGoogle's EEO Policy ( ,Know your rights: workplace discrimination is illegal ( ,Belonging at Google ( , andHow we hire ( .
If you have a need that requires accommodation, please let us know by completing ourAccommodations for Applicants form ( .
Google is a global company and, in order to facilitate efficient collaboration and communication globally, English proficiency is a requirement for all roles unless stated otherwise in the job posting.
To all recruitment agencies: Google does not accept agency resumes. Please do not forward resumes to our jobs alias, Google employees, or any other organization location. Google is not responsible for any fees related to unsolicited resumes.
Google is proud to be an equal opportunity workplace and is an affirmative action employer. We are committed to equal employment opportunity regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender identity or Veteran status. We also consider qualified applicants regardless of criminal histories, consistent with legal requirements. See also and If you have a need that requires accommodation, please let us know by completing our Accommodations for Applicants form:

Job Description

Job Description

*This is a remote position, and candidates must be located in Ontario, CA

NetSPI® is an award-winning pioneer of Penetration Testing as a Service (PTaaS) with its AI-powered platform supported by more than 350 in-house cybersecurity experts. Specializing in 50+ pentest types, attack surface visibility, vulnerability prioritization, and attack simulation, NetSPI delivers security testing with unprecedented clarity, speed, and scale.

NetSPI is on an exciting growth journey as we disrupt and improve the proactive security market. We are looking for individuals with a collaborative, innovative, and customer-first mindset to join our team. Learn more about our award-winning workplace culture and get to know our A-Team at

Join the mission as a Security Consultant II. We’re seeking a technically skilled and analytical Web Application and AI/ML Penetration Tester to strengthen our cybersecurity defenses through advanced, cutting-edge testing of AI and machine learning systems. As a Penetration Tester supporting AI/ML, you will work closely with clients to deliver clear, actionable reports and contribute to the development of security best practices.

Responsibilities :

• Conduct engagements on Web Applications and API’s independently, providing technical oversight as needed, including those which contain AI/ML components and features.
• Perform prompt injection techniques against a variety of models, including text, voice, image, video, and multi-modal processing models.
• Present comprehensive penetration test findings to clients while emphasizing AI/ML risks, and collaborate on remediation strategies with model hardening, adversarial training, and threat mitigation.
• Create, deliver, and collaborate on penetration testing reports in diverse client environments, maintaining client-specific processes, reporting standards, and access protocols to help improve their security posture.
• Research and develop innovative techniques, tools, and methodologies for penetration testing services, alongside commitment to improvement and execution on NetSPI specific products and processes.
• Participate in development, implementation, and oversight of testing, delivery, and management strategies for key client accounts
• Perform administrative tasks related to day-to-day consulting activities to ensure smooth business and engagement operations.

Minimum Qualifications :

• Bachelor’s degree or higher, with a focus on IT, Computer Science, Engineering or Math or equivalent experience.
• Minimum of 2-4 years of work experience in Penetration Testing.
• Familiarity with attack techniques utilized against text, voice, image, video, and multi-modal models.
• Proficiency in using and customizing offensive toolkits for network, application, and AI/ML penetration testing.
• Understanding of Adversarial Machine Learning and its practical applications.
• Familiarity with offensive tools, based on applicable skillset (e.g., Kali Linux, Burp Suite, Metasploit, Nessus).
• Familiarity with offensive and defensive IT concepts and protocols.
• Extensive understanding of the OWASP Top 10 for both web applications and large language models, MITRE ATT&CK framework, and various security frameworks.
• Working knowledge of Windows, Linux and MacOS operating systems internals.
• Experience mentoring or coaching to growing team members.
• Ability to work independently and as part of a team.
• Proficient communication skills, both written and verbal.
• This position requires an 8-hour workday, with occasional evenings or weekends necessary to meet project deadlines or critical needs.

Preferred Qualifications:

• Ability to provide technical and QA oversight on AI/ML service line.
• Comprehensive knowledge of secure AI/ML development protocols and architecture.
• Strong problem-solving skills and the ability to think like both an attacker and a defender.
• A continuous learning mindset to keep up to date with the rapidly evolving AI/ML and cybersecurity landscapes.
• Experience with model interpretability and explainability tools to understand model behavior and potential biases.
• Experience in ML model development, feature engineering, and data pre-processing.
• Experience in one or more of the following programming or scripting languages: Ruby, Python, Perl, C, C++, Java, and C#
• Offensive Security Certifications (e.g., GXPN, GPEN, OSCP, GWAPT)

We are an equal employment opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability status, protected veteran status or any other characteristic protected by law.

Job Description

Job Description

*This is a remote position, and candidates must be located in Ontario, CA

NetSPI® is an award-winning pioneer of Penetration Testing as a Service (PTaaS) with its AI-powered platform supported by more than 350 in-house cybersecurity experts. Specializing in 50+ pentest types, attack surface visibility, vulnerability prioritization, and attack simulation, NetSPI delivers security testing with unprecedented clarity, speed, and scale.

NetSPI is on an exciting growth journey as we disrupt and improve the proactive security market. We are looking for individuals with a collaborative, innovative, and customer-first mindset to join our team. Learn more about our award-winning workplace culture and get to know our A-Team at

Join the mission as a Senior Security Consultant. We’re seeking a technically skilled and analytical AI/ML Penetration Tester to strengthen our cybersecurity defenses through advanced, cutting-edge testing of AI and machine learning systems. As a Penetration Tester supporting AI/ML, you will work closely with clients to deliver clear, actionable reports and contribute to the development of security best practices.

Responsibilities :

• Conduct engagements on AI/ML systems, web applications and API’s independently and provide technical oversight
• Design and execute advanced adversarial testing (e.g., evasion, data poisoning, model extraction, inversion/inference) to expose vulnerabilities in AI/ML pipelines and architectures.
• Present comprehensive penetration test findings to clients while emphasizing AI/ML risks, and collaborate on remediation strategies with model hardening, adversarial training, and threat mitigation.
• Help author tools, presentations, white papers, and blog posts to share insights on AI/ML security best practices and emerging attack trends with the broader cybersecurity community. Contribute to the cybersecurity community through tools, presentations, white papers, and blogging.
• Review reports for accuracy in technical oversight, perform weekly QA oversight, and provide mentoring support to others
• Create, deliver, and collaborate on penetration testing reports in diverse client environments, maintaining client-specific processes, reporting standards, and access protocols to help improve their security posture
• Research and develop innovative techniques, tools, and methodologies for penetration testing services, alongside commitment to improvement and execution on NetSPI specific products and processes
• Participate in development, implementation, and oversight of testing, delivery, and management strategies for key client accounts
• Perform administrative tasks related to day-to-day consulting activities to ensure smooth business and engagement operations.

Minimum Qualifications :

• Bachelor’s degree or higher, with a focus on IT, Computer Science, Engineering or Math or equivalent experience
• Minimum of 3-5 years of work experience in Penetration Testing
• Proficiency in using and customizing offensive toolkits for network, application, and AI/ML penetration testing
• Thorough understanding of how major ML frameworks (e.g., Tensorflow, PyTorch) are implemented in real-world training and deployment pipelines.
• Understanding of how to deploy AI/ML models with LangChain, including secure configuration of data flows, environment isolation, and integration with production systems
• Understanding of Adversarial Machine Learning and its practical applications
• Familiarity with offensive tools, based on applicable skillset (e.g., Kali Linux, Burp Suite, Metasploit, Nessus)
• Familiarity with offensive and defensive IT concepts and protocols
• Extensive understanding of the OWASP Top 10, MITRE ATT&CK framework, and various security frameworks.
• Working knowledge of Windows, Linux and MacOS operating systems internals
• Experience mentoring or coaching to growing team members, while sharing knowledge externally through blogs, hosting webinars, or presenting at conferences
• Ability to work independently and as part of a team
• Proficient communication skills, both written and verbal
• Willingness to travel up to 5-10% minimum
• This position requires an 8-hour workday, with occasional evenings or weekends necessary to meet project deadlines or critical needs

Preferred Qualifications:

• Ability to provide technical and QA oversight on AI/ML service line.
• Comprehensive knowledge of secure AI/ML development protocols and architecture
• Strong problem-solving skills and the ability to think like both an attacker and a defender.
• A continuous learning mindset to keep up to date with the rapidly evolving AI/ML and cybersecurity landscapes.
• Experience with model interpretability and explainability tools to understand model behavior and potential biases.
• Experience in ML model development, feature engineering, and data pre-processing.
• Experience in one or more of the following programming or scripting languages (e.g., Ruby, Python, Perl, C, C++, Java, and C#)
• Offensive Security Certifications (e.g., GXPN, GPEN, OSCP, GWAPT)

We are an equal employment opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability status, protected veteran status or any other characteristic protected by law.

**Job description -** **Attestation Info Security Analyst**
**Collaboration:** Work with cross functional teams to support Identity Governance solutions that integrate Provisioning, Authentication, and Authorization process.
**Incident Resolution:** Troubleshoot IAM related issues independently or collaboratively while adhering to service standards.
Assist in data cleanup and analysis to support day to day operations of IGA platform.
**Continuous Improvement:** Participate and lead initiatives that optimize IAM workflows and implementing new technologies.
Use data driven insights to recommend improvements to Identity Governance processes.
**Access Review:** Conduct periodic reviews of user access rights and permissions to ensure compliance with organizational policies.
**Reporting:** Independently resolve reporting requests by generating detailed reports on IAM metrics, including access trends, and access review decisions.
Collect, analyze, and interpret Access Management data and present information in business-friendly language.
Experience in responding to Audit and Compliance inquiries by gathering evidence to support control requirements.
**Collaboration:** Collaborate with application and business owners to reconcile roles and entitlements based on business needs.
Cognizant is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to sex, gender identity, sexual orientation, race, color, religion, national origin, disability, protected Veteran status, age, or any other characteristic protected by law.

The Information Security Officer is a senior level professional position responsible for driving efforts to prevent, monitor and respond to information/data breaches and cyber-attacks. The overall objective of this role is to ensure the execution of Information Security directives and activities in alignment with Citi's data security policy.
**Responsibilities:**
+ Perform security reviews on SaaS and PaaS products
+ Performing security assessment on Saas & Paas
+ Ability to engage in deep technical discussions with other Engineering groups, as well as ability to convey the same concepts and issues at an elevated level to senior leadership.
+ Ability to execute technical responsibilities, including, Design / Architecture reviews, Code / Configuration reviews and vulnerability assessment.
+ Develops security architecture, strategy, planning, and problem-solving solutions on an enterprise level.
+ Identify opportunities to automate and standardize information security controls and for the supported groups
+ Resolve any vulnerabilities or issues detected in an application or infrastructure
+ Analyze source code to mitigate identified weaknesses and vulnerabilities within the system
+ Review and validate automated testing results and prioritize actions that resolve issues based on overall risk
+ Scan and analyze applications with automated tools, and perform manual testing if necessary
+ Reduce risk by analyzing the root cause of issues, their impact, and required corrective actions
+ Direct the development and delivery of secure solutions by coordinating with business and technical contacts
+ Recommend security solutions according to Security Policy and Practices established by Citigroup.
+ Establish and maintain relationships with domain architects, project managers, and others within the technology development unit.
+ Maintains continuous awareness of business, technical, and infrastructure issues and acts as a sounding board or consultant to aid in the development of creative GCP security architecture solutions.
+ Interfaces with vendors to security assess their technology and to guide their product roadmap based on Citi's security requirements.
**Qualifications:**
+ 6-10 years of relevant experience as an ISO officer
+ Proficiency in application, architecture, information, and cyber security
+ Proficiency in one or more: GCP, AWS and Azure
+ Advanced proficiency with Microsoft Office tools and software
+ Consistently demonstrates clear and concise written and verbal communication
+ 5-10 years of experience in Application Security and/or Security Architecture
+ 5-10 years of experience Public & Private Cloud Security
**Education:**
+ Bachelor's degree/University degree in Information Security/Computer Science/Electrical, Mechanical Engineering /Information Technology or equivalent experience
+ Master's degree preferred
+ Professional certifications, such as CISSP and CSSLP, or willingness to obtain certification within 12-18 months of start date.
This job description provides a high-level review of the types of work performed. Other job-related duties may be assigned as required
**About Citi**
Citi, the leading global bank, has approximately 200 million customer accounts and does business in more than 160 countries and jurisdictions. Citi provides consumers, corporations, governments, and institutions with a broad range of financial products and services, including consumer banking and credit, corporate and investment banking, securities brokerage, transaction services, and wealth management.
As a bank with a brain and a soul, Citi creates economic value that is systemically responsible and in our clients' best interests. As a financial institution that touches every region of the world and every sector that shapes your daily life, our Operations & Technology teams are charged with a mission that rivals any large tech company. Our technology solutions are the foundations of everything we do from keeping the bank safe, managing global resources, and providing the technical tools our workers need to be successful to designing our digital architecture and ensuring our platforms provide a first-class customer experience. We reimagine client and partner experiences to deliver excellence through secure, reliable, and efficient services.
Our commitment to diversity includes a workforce that represents the clients we serve from all walks of life, backgrounds, and origins. We foster an environment where the best people want to work. We value and demand respect for others, promote individuals based on merit, and ensure opportunities for personal development are widely available to all. Ideal candidates are innovators with well-rounded backgrounds who bring their authentic selves to work and complement our culture of delivering results with pride. If you are a problem solver who seeks passion in your work, come join us. We'll enable growth and progress together.
---
**Job Family Group:**
Technology
---
**Job Family:**
Information Security
---
**Time Type:**
Full time
---
**Primary Location Full Time Salary Range:**
$120,800.00 - $170,800.00
---
**Most Relevant Skills**
Please see the requirements listed above.
---
**Other Relevant Skills**
For complementary skills, please see above and/or contact the recruiter.
---
_Citi is an equal opportunity employer, and qualified candidates will receive consideration without regard to their race, color, religion, sex, sexual orientation, gender identity, national origin, disability, status as a protected veteran, or any other characteristic protected by law._
_If you are a person with a disability and need a reasonable accommodation to use our search tools and/or apply for a career opportunity review_ _Accessibility at Citi ( _._
_View Citi's_ _EEO Policy Statement ( _and the_ _Know Your Rights ( _poster._
Citi is an equal opportunity and affirmative action employer.
Minority/Female/Veteran/Individuals with Disabilities/Sexual Orientation/Gender Identity.

**Work Location:**
Toronto, Ontario, Canada
**Hours:**
37.5
**Line of Business:**
Technology Solutions
**Pay Details:**
$91,200 - $136,800 CAD
TD is committed to providing fair and equitable compensation opportunities to all colleagues. Growth opportunities and skill development are defining features of the colleague experience at TD. Our compensation policies and practices have been designed to allow colleagues to progress through the salary range over time as they progress in their role. The base pay actually offered may vary based upon the candidate's skills and experience, job-related knowledge, geographic location, and other specific business and organizational needs.
As a candidate, you are encouraged to ask compensation related questions and have an open dialogue with your recruiter who can provide you more specific details for this role.
**Job Description:**
**Responsibilities:**
+ Provide consultation and advice to partners on a broad range Technology Controls / Information Security programs / policies / standards and incidents for own specialized area
+ Conduct project consulting on assessment of risk, definition of required controls, appropriateness of implemented control procedures, vulnerability assessments and any other relevant areas
+ Lead or contribute to completion of risk and control design assessments for an application portfolio, articulate and document impact of control gaps to the business and the overall Bank, risk mitigation and remediation plans, remediation strategy document as applicable
+ Contribute to the definition, development, and oversight of a global security management strategy and framework
+ Ensure technology, processes, and governance are in place to monitor, detect, prevent, and react to both current and emerging technology / security threats against TDBG's business
+ Develop on-going Technology Risk reporting, monitoring key trends and defining metrics to regularly measure control effectiveness for own area
+ Work proactively with technology partners / stakeholders and service/platform owners to ensure all technology security components are integrated into the bank's overall Enterprise Architecture, and any control gaps are addressed.
+ Consult on Regulatory compliance requirements, reporting and questions
+ Provide support and consulting in preparation for Audits and in composing management responses and appropriate remediation activities
+ Participate in computer security incident responses relevant to business (or enterprise wide) and represent respective function and Enterprise position to the business, and business needs to incident response team
+ Continuously enhance knowledge / expertise in own area
+ Keep current on emerging trends / developments and grow knowledge of the business, analytical tools and techniques
+ Prioritize and manage own workload to deliver quality results and meet assigned timelines
+ Support a positive work environment that promotes service to the business, quality, innovation and teamwork and ensure timely communication of issues/ points of interest
+ Identify and recommend opportunities to enhance productivity, effectiveness and operational efficiency
+ Establish effective relationships across multiple business and technology partners, program and project managers
+ Participate in knowledge transfer within the team and business units
**Requirements:**
+ 7+ years of relevant experience
+ Expert knowledge of IT security and risk disciplines and practices
+ Advanced knowledge of of organization, technology controls / security/ risk issues
+ Experience as a lead expert resource in technology controls and information security
+ Strong presentation skills and ability to work with stakeholders at all different levels
+ University degree
+ Information security certification / accreditation an asset
#LI-TECH
**Who We Are:**
TD is one of the world's leading global financial institutions and is the fifth largest bank in North America by branches/stores. Every day, we deliver legendary customer experiences to over 27 million households and businesses in Canada, the United States and around the world. More than 95,000 TD colleagues bring their skills, talent, and creativity to the Bank, those we serve, and the economies we support. We are guided by our vision to Be the Better Bank and our purpose to enrich the lives of our customers, communities and colleagues.
TD is deeply committed to being a leader in customer experience, that is why we believe that all colleagues, no matter where they work, are customer facing. As we build our business and deliver on our strategy, we are innovating to enhance the customer experience and build capabilities to shape the future of banking. Whether you've got years of banking experience or are just starting your career in financial services, we can help you realize your potential. Through regular leadership and development conversations to mentorship and training programs, we're here to support you towards your goals. As an organization, we keep growing - and so will you.
**Our Total Rewards Package**
Our Total Rewards package reflects the investments we make in our colleagues to help them and their families achieve their financial, physical, and mental well-being goals. Total Rewards at TD includes a base salary, variable compensation, and several other key plans such as health and well-being benefits, savings and retirement programs, paid time off, banking benefits and discounts, career development, and reward and recognition programs. Learn more ( Information:**
We're delighted that you're considering building a career with TD. Through regular development conversations, training programs, and a competitive benefits plan, we're committed to providing the support our colleagues need to thrive both at work and at home.
Please be advised that this job opportunity is subject to provincial regulation for employment purposes. It is imperative to acknowledge that each province or territory within the jurisdiction of Canada may have its own set of regulations, requirements.
**Colleague Development**
If you're interested in a specific career path or are looking to build certain skills, we want to help you succeed. You'll have regular career, development, and performance conversations with your manager, as well as access to an online learning platform and a variety of mentoring programs to help you unlock future opportunities. Whether you have a passion for helping customers and want to expand your experience, or you want to coach and inspire your colleagues, there are many different career paths within our organization at TD - and we're committed to helping you identify opportunities that support your goals.
**Training & Onboarding**
We will provide training and onboarding sessions to ensure that you've got everything you need to succeed in your new role.
**Interview Process**
We'll reach out to candidates of interest to schedule an interview. We do our best to communicate outcomes to all applicants by email or phone call.
**Accommodation**
Your accessibility is important to us. Please let us know if you'd like accommodations (including accessible meeting rooms, captioning for virtual interviews, etc.) to help us remove barriers so that you can participate throughout the interview process.
We look forward to hearing from you!
**Language Requirement (Quebec only):**
Sans Objet
Federal law prohibits job discrimination based on race, color, sex, sexual orientation, gender identity, national origin, religion, age, equal pay, disability and genetic information.

Job Description

Job Description

Founded in 1974, CMiC today delivers comprehensive and advanced enterprise and field operations solutions, purpose-built for construction and capital projects companies. CMiC’s powerful software transforms how firms optimize productivity, minimize risk and drive growth by planning and managing all financials, projects, resources, and content assets - all from a single database platform.

In the past several years, the construction industry has experienced unprecedented changes driven by new technologies - including integration with multi-dimensional modeling, an explosion of cloud-based offerings and the demand for robust mobile capabilities. CMiC has kept pace by constantly upgrading and enhancing our advanced platform to reflect the changing needs of the industry, leading to significant growth as a company.

Job Overview/Position Summary

The Manager, Information Security will assist the Chief Information Security Officer (CISO) to develop and implement cybersecurity strategies that protect our organization's information assets and those of our customers’. This role requires a good understanding of cybersecurity principles, strong leadership skills, and the ability to collaborate across departments to achieve security goals

Primary Responsibilities:

• Assist in the development, implementation, and management of the organization's cybersecurity strategy.
• Monitor and analyze security threats, vulnerabilities, and incidents to identify risks and mitigate them effectively.
• Assist in the design and enforcement of security policies, standards, and procedures.
• Oversee implementation and evidence collection of the SOC 1 & 2 and ISO 27001 audits
• Collaborate with IT, legal, and other internal stakeholders to ensure alignment with security protocols and regulatory requirements.
• Provide technical and operational guidance in the development and implementation of information security programs.
• Manage security incidents and coordinate incident response efforts, including root cause analysis and remediation.
• Stay current with emerging security trends, technologies, and regulatory changes.
• Report on security metrics and provide updates to senior management and the Information and Privacy Governance Committee.

Other responsibilities

• Responsible for the development and maintenance of disaster recovery and business continuity plans and table top exercises.
• Responsible for regular security reviews and risk assessments to identify and address potential security weaknesses.

Requirements

Education and Experience:

• Bachelor's degree in Computer Science, Information Technology, or a related field.
• Certified Information Systems Security Professional (CISSP) or other relevant certifications.
• Minimum of 3 years of experience in information security management or a related role.

Skills and Competencies:

• A solid understanding of cybersecurity principles, network security, encryption, and vulnerability management
• Strong understanding of risk management framework and ability to identify, assess, and mitigate risks to the organization's information assets.
• Ability to develop and implement long-term security strategies that align with the organization's goals.

Preferred Qualifications (Optional)

• Strong knowledge of cybersecurity frameworks (e.g., NIST, ISO 27001, AICPA Trust Services Criteria) and regulatory requirements.
• Be a self-starter and take ownership of initiatives.
• Excellent analytical, problem-solving, and decision-making skills.
• Strong communication and interpersonal skills, with the ability to effectively communicate complex security concepts to non-technical stakeholders.
• Proven leadership abilities and experience in managing security team.
• Having IT Operational experience is a bonus.

Work Environment (Optional)

• CMiC has a hybrid work environment. Successful candidate is expected to be in the office one to two days a week.

Benefits

• Competitive benefits Package (including Health & Dental benefits)
• Paid vacation and personal days
• Townhall meetings where all employees are encouraged to participate in open discussions
• Located on York University’s campus, easily accessible by transit (TTC, GO, etc.), walking distance to shopping and restaurants
• Outdoor lunch space, including picnic tables
• An active Social Events Committee (past events include annual seasonal parties, pool and bowling tournaments, karaoke nights, Game nights, BBQs, and more)
• Health and Wellness focus including virtual yoga classes and wellness webinars
• RRSP Matching Program after 2 years of employment
• Experience in a rapidly growing, socially responsible corporation

CMiC is an Equal Opportunity Employer. In accordance with the Accessibility for Ontarians with Disabilities Act, 2005 and the Ontario Human Rights Code, CMiC will provide accommodation to applicants with disabilities throughout the recruitment, selection and/or assessment process. If selected to participate in the recruitment, selection and/or assessment process, please inform Human Resources staff of the nature of any accommodation(s) that you may require.