IT Architect II - Cloud Security Architect

TD Description

About TD Bank, America's Most Convenient Bank®

TD Bank, America's Most Convenient Bank, is one of the 10 largest banks in the U.S., providing more than 8 million customers with a full range of retail, small business and commercial banking products and services at approximately 1,300 convenient locations throughout the Northeast, Mid-Atlantic, Metro D.C., the Carolinas and Florida. In addition, TD Bank and its subsidiaries offer customized private banking and wealth management services through TD Wealth®, and vehicle financing and dealer commercial services through TD Auto Finance. TD Bank is headquartered in Cherry Hill, N.J. To learn more, visit Find TD Bank on Facebook at and on Twitter at

TD Bank, America's Most Convenient Bank, is a member of TD Bank Group and a subsidiary of The Toronto-Dominion Bank of Toronto, Canada, a top 10 financial services company in North America. The Toronto-Dominion Bank trades on the New York and Toronto stock exchanges under the ticker symbol "TD". To learn more, visit

Department Overview

Our Cloud Security Architect team focuses on leading, designing and developing Azure and AWS security solutions for protecting TD and its customers' data. The team directly contributes to the overall global enterprise cloud architecture and leads the security vision and strategy around cloud-based applications which include Infrastructure, Platform and Software as a Service (IaaS/PaaS/SaaS).

Reporting into the Head of Security Architecture, the Cloud Security Architect team serves as the central point of contact for enterprise security for other technology teams within the organization for all matters related to cloud security.

Job Description

About This Role

The successful candidate possesses the expert interpersonal and communication skills required to partner with other leaders across the business to identify opportunities, risks and develop solutions that support business strategies and protect organization intellectual property on a global scale.
In response to today's transformative era, the Cloud Security Architect will work autonomously on high-profile, complex cloud technology initiatives with significant impact to the organization. While providing technical leadership, this individual will provide consulting and direction to multiple businesses and product teams, while remaining focused on growing our Cloud Security Architecture practice.

Meaningful work is fueled by meaningful performance and career development conversations with your manager. Here are the essential job functions of this position:

    • Represent Security Platform in development and implementation of the overall global enterprise cloud architecture
    • Act as the ambassador and senior technical representative for Enterprise Security while engaging with other senior technical leaders throughout the organization in design and implementation of cloud and cloud/hybrid-based implementations and solutions
    • Collaborate with engineering, infrastructure services, and application development organizations to choose appropriate technology solutions and facilitating complete integration of these solutions into the company environments
    • Develop standards in partnership with Engineering, Infrastructure Services, and Application Development
    • Contribute to the Development of Standards, Technical Security Specifications and Operating Procedures as required.
    • Develop and execute strategies to increase Cloud Security knowledge throughout the enterprise
    • Design and develop security architectures for the target public cloud
    • Define and secure connectivity patterns with approved Global Identity and Access Management (GIAM), Network, Data Protection, Encryption and Protection of Cloud Resources
    • Ensure architecture patterns align with TD's enterprise standards
    • Identify key cloud services and capabilities that support TD's cloud strategy
    • Define security architecture patterns for the platform including tenant, network, application, data, logging and monitoring
    • Establish and enhance application migration strategies for cloud
    • Work with application teams to integrate automated security capabilities into existing codebases
    • Define application consumption patterns with security requirements

    Job Requirements

    What can you bring to TD? Share your credentials, but your relevant experience and knowledge can be just as likely to get our attention. Here are the minimum requirements for this position:
    • Undergraduate Degree or Technical Certificate.
    • Graduate Degree preferred.
    • 7+ years relevant experience.
    • Expert knowledge of architecture related to specific technologies, tools, processes, procedures and broader business issues and relevant technologies.
    • Advanced knowledge of the business and associated standards, infrastructure, architecture and technology from a design or solution perspective.
    • Interest and proven ability to work autonomously on complex, highly-visible architecture projects and initiatives.
    • Readiness to act as a lead expert resource in architectural information exchange for project teams, the business and outside vendors.
    • Demonstrated experience in managing and directing architecture analysis and design activities on larger, high-risk and highly complex projects.
    • Must be eligible for employment under regulatory standards applicable to the position.


    Preferred Qualifications - Here are the preferred qualifications for this role:

    • At least 5 years of experience with Security Architect and/or Security Engineering
    • 2+ years of experience working on cloud platforms architecture leveraging Public Cloud (i.e. Azure, GCP, AWS, etc.)
    • Proven experience working on large and complex cloud transformation projects, cloud adoption framework (CAF), DevSecOps
    • Proficient in defining cloud architecture patterns using Azure and AWS Blueprints
    • Ability to assess, develop, implement, optimize and document a comprehensive and broad set of security technologies and processes including secure software development (application security), data protection, cryptography, key management, identity and access management (IAM), network security within SaaS, PaaS and IaaS
    • Working knowledge of common and industry standard modern authentication mechanisms (OAuth, OpenID, etc.)
    • Working knowledge of APIs best practices and orchestration for cloud-based services
    • Experience working with cloud security and governance tools (i.e. Sonrai, Azure Policy, AWS Config, etc.) and cloud access security brokers (CASBs)
    • Experienced with architecting developing, and supporting enterprise applications
    • Experience performing threat modeling and design reviews to assess security implications and requirements for the introduction of new technologies
    • Proven ability to represent technical viewpoints to diverse audiences and in making timely and prudent technical risk decisions
    • Experience with deployment orchestration, automation and security configuration management (GitHub, Git, Terraform, Jenkins, etc.)
    • Certification in CISSP, CCSP or CCSK, Azure, AWS, Google (GCP) is an asset


    At TD, we are committed to fostering an inclusive, accessible environment, where all employees and customers feel valued, respected and supported. We are dedicated to building a workforce that reflects the diversity of our customers and communities in which we live in and serve, and creating an environment where every employee has the opportunity to reach their potential.

    If you are a candidate with a disability and need an accommodation to complete the application process, email the TD Bank US Workplace Accommodations Program at . Include your full name, best way to reach you, and the accommodation needed to assist you with the application process.

    EOE/Minorities/Females/Veterans/Individuals with Disabilities/Sexual Orientation/Gender Identity.