Senior Information Security Consultant jobs at Capital One

Job information: Functional title - Application Security Specialist Department - IT Security Corporate level - Vice President Report to - Director, Application Security Expected full-time salary range between $ 140,000- $180,000 + variable compensation + 401(k) match + benefits. What you will be doing: Perform Application Security scans (e.g. DAST and SCA) on applications and APIs to identify security vulnerabilities and weaknesses, Triage security findings and collaborate with development teams to prioritize and remediate identified vulnerabilities. Drive threat modelling as a standard part of the SDLC, and develop and maintain threat models for critical applications, identifying potential security risks and proposing mitigations. Drive the Security Champions program, and define and promote secure coding practices, patterns, and standards across development teams. Conduct security reviews and provide guidance on security requirements for new features and projects. Assist in the analysis, selection and rollout of new application security tools, processes, and standards. Stay up to date with the latest security threats, vulnerabilities, and industry best practices. What we're looking for: Proven experience in application security with a focus on application security testing and vulnerability management. Hands-on experience with Application Security tools. Strong understanding of common application vulnerabilities (e.g., OWASP Top 10) and mitigation techniques. Experience with threat modelling methodologies and tools. Proficiency in at least one programming language (e.g., Java, Python, JavaScript). Excellent communication and collaboration skills, with the ability to work effectively in cross functional teams. Strong understanding of risk management. Professional qualifications / certifications Degree in a technology discipline (Computer Science, Information Management, Computer Engineering, Cybersecurity or equivalent). Relevant security certifications (e.g. CISSP, CEH, CSSLP) or equivalent is preferred.

Must Have Technical/Functional Skills New JD requirement: Security Consultant The hiring manager has shared the following details: · The manager is looking for candidates with relevant experience in GRC audit and risk assessment. · Ideal experience: 2-4 years in that domain. · Extensive experience in incident management is not required. Role expectations: 60% - Incident Life Cycle Management, 20% - Risk Assessment and Management across all suppliers and 20% - Audit Assessment, Additionally, a manufacturing industry background would be preferred. Cyber Security assessment Analyst conducts and supports the cyber security controls risk assessment and management process across all our suppliers. Responsibilities include assessing our suppliers' current adequacy of the security controls & strategy, business continuity /disaster recovery plans, threats to the systems, and then calculating the impact of potential adverse events. Audits and assessments must be continual, as the threat profiles change constantly. The Analyst will keep executive management up to date on the results of the risk assessment and make recommendations for mitigations, or projects, to protect supplier and customer systems Roles & Responsibilities • Demonstrate strong knowledge in IT controls, risk assessments, and assessment of security measures • Identify opportunities to continuously innovate and improve the program and value delivered to organization • Ensure successful completion of the annual supplier cyber security assessments • Independently and proactively plans and performs assigned audit engagements related to security, confidentiality, integrity, information protection and availability of data • Conduct cyber security assessments & evaluate in alignment to the supplier security control framework • Ensure effectiveness of approved controls and drive risk remediations or changes from previous audit for existing certified suppliers • Inform and advise business leaders on supplier's information security risks • Provide subject matter expertise in third-party risk management. • Proactively research and work in enhancing improvements to our existing process related to documentation and security assessments. • Automate security assessment processes & tools to review the security controls for cloud-based applications • Ability to multi-task and manage multiple global projects at the same time. • Ability to work collaboratively across diverse team in a matrix type organization • Bachelor's degree in Science & Engineering or technical discipline is required. • 7 years of information security & assessment experience with increased responsibilities • In-depth knowledge of security assessment/audit principles • Understanding of networking principles and data protection • Ability to identify problems, analyze data and present conclusions • Strong verbal, written and presentations skills • Knowledge of information security frameworks such as ISO 27001 /NIST CSF is preferred • Experience in supply chain cyber assessment and related tools usage is preferred • CISA, CISM, certifications are preferred • Excellent communication skills. • Able to work as part of a virtual global team with cultural, language, and time zone differences. • Able to deal with ambiguity and work independently with minimal supervision/guidance. Education and Requirements Qualifications: Bachelor's degree in Science & Engineering or technical discipline is required. 8 years of specializing in end-to-end incident lifecycle management including detection, triage, recovery, root cause analysis Proven expertise in coordinating cross-functional response teams, optimizing playbooks and maturing incident management processes aligned to NIST, ISO and MITRE ATT&CK Knowledge of NIST 800-61, MITRE ATTA&CK, ISO 27001, CIS Controls 7 years of information security & assessment experience with increased responsibilities In-depth knowledge of security assessment/audit principles TCS Employee Benefits Summary: Discretionary Annual Incentive. Comprehensive Medical Coverage: Medical & Health, Dental & Vision, Disability Planning & Insurance, Pet Insurance Plans. Family Support: Ma ternal & Parental Leaves. Insurance Options: Auto & Home Insurance, Identity Theft Protection. Convenience & Professional Growth: Commute r Benefits & Certification & Training Reimbursement. Time Off: Vacation, Time Off, Sick Leave & Holidays. Legal & Financial Assistance: Legal Assistance, 401K Plan, Performance Bonus, College Fund, Student Loan Refinancing.

At Freddie Mac, our mission of Making Home Possible is what motivates us, and it's at the core of everything we do. Since our charter in 1970, we have made home possible for more than 90 million families across the country. Join an organization where your work contributes to a greater purpose. Position Overview: Freddie Mac is seeking an experienced Manager to join our Third Party Risk Governance (TPRG) Information Security (Cyber) team. Your role will be vital in identifying potential risks and ensuring that effective mitigation strategies are in place. If you have a strong foundation in risk management and cybersecurity, and are committed to protecting organizations from threats, we invite you to apply for this critical role at Freddie Mac. Our Impact: The Seller/Servicer Information Security Oversight Team, within Third-Party Risk Management, is responsible for monitoring the information security standards of seller/servicers to ensure the safeguarding of Freddie Mac's data in alignment with the Freddie Mac Guide. Our team of cyber risk specialists is actively involved in monitoring, identifying, detecting, and responding to cyber threats. Through regular vulnerability scans, they work diligently to mitigate information security risks to Freddie Mac. Your Impact: As a Manager, you will play a key role in enhancing our oversight of third-party risk management. Your responsibilities will include: Leading initiatives to conduct thorough cybersecurity risk assessments. Applying the Cybersecurity Framework (CSF) to structure and improve our risk management processes. Collaborating with various stakeholders to identify and assess potential information security risks. Developing and implementing strategic plans to effectively mitigate identified risks. Ensuring the continuous improvement of our cybersecurity posture through proactive risk management and oversight. Conducting comprehensive Information Security risk reviews and interviews with seller/servicers as part of the annual Consolidated Origination and Risk Evaluation (CORE) review. Analyzing findings from these reviews and developing a detailed risk assessment, backed by supporting evidence. Qualifications: 8+ years of experience in risk management, internal controls, audit, or compliance, preferably within financial services or mortgage operations 8 to 10 years of experience in cybersecurity or cyber risk management, with a focus on highly regulated industries. Bachelor's degree in computer science, engineering, or a related field, or equivalent work experience, preferred. Proficiency in performing risk analyses, vulnerability assessments, and threat modeling. Proven track record of leading risk assessment and controls initiatives across business functions Proven experience engaging with senior leadership to understand and align with strategic goals. Experience in IT governance, risk, and controls, including familiarity with frameworks such as COBIT, FFIEC, ISO 2700x, and NIST. Strong analytical and problem-solving skills. Excellent communication skills for articulating technical risks to non-technical audiences. In-depth knowledge of cybersecurity principles, networks, and operating systems, with experience in relevant frameworks like NIST and ISO 27001. Industry certifications such as Sec+, SSCP, GSEC or C|EH, preferred Keys to Success: Significant understanding of the Third-Party Risk Governance process Ability to perform additional duties as assigned to support the organization's evolving needs. Strong analytical and problem-solving skills. Excellent communication skills for articulating technical risks to non-technical audiences. In-depth knowledge of cybersecurity principles, networks, and operating systems, with experience in relevant frameworks like NIST and ISO 27001 Possess a deep understanding of NIST standards and evaluate seller/servicers' compliance with the Freddie Mac Guide. Identify and assess potential risks and vulnerabilities to our systems and data posed by third parties, utilizing approved monitoring tools. Conduct thorough risk assessments, analyze potential threats, and evaluate third-party information security processes and procedures. Identify associated risks and provide a comprehensive risk assessment with supporting evidence. Current Freddie Mac employees please apply through the internal career site. We consider all applicants for all positions without regard to gender, race, color, religion, national origin, age, marital status, veteran status, sexual orientation, gender identity/expression, physical and mental disability, pregnancy, ethnicity, genetic information or any other protected categories under applicable federal, state or local laws. We will ensure that individuals are provided reasonable accommodation to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment. Please contact us to request accommodation. A safe and secure environment is critical to Freddie Mac's business. This includes employee commitment to our acceptable use policy, applying a vigilance-first approach to work, supporting regulatory mandates, and using best practices to protect Freddie Mac from potential threats and risk. Employees exercise this responsibility by executing against policies and procedures and adhering to privacy & security obligations as required via training programs. CA Applicants: Qualified applications with arrest or conviction records will be considered for employment in accordance with the Los Angeles County Fair Chance Ordinance for Employers and the California Fair Chance Act. Notice to External Search Firms: Freddie Mac partners with BountyJobs for contingency search business through outside firms. Resumes received outside the BountyJobs system will be considered unsolicited and Freddie Mac will not be obligated to pay a placement fee. If interested in learning more, please visit ****************** and register with our referral code: MAC. Time-type:Full time FLSA Status:Exempt Freddie Mac offers a comprehensive total rewards package to include competitive compensation and market-leading benefit programs. Information on these benefit programs is available on our Careers site. This position has an annualized market-based salary range of $142,000 - $214,000 and is eligible to participate in the annual incentive program. The final salary offered will generally fall within this range and is dependent on various factors including but not limited to the responsibilities of the position, experience, skill set, internal pay equity and other relevant qualifications of the applicant.

At Freddie Mac, our mission of Making Home Possible is what motivates us, and it's at the core of everything we do. Since our charter in 1970, we have made home possible for more than 90 million families across the country. Join an organization where your work contributes to a greater purpose. Position Overview: Freddie Mac is seeking an experienced Manager to join our Third Party Risk Governance (TPRG) Information Security (Cyber) team. Your role will be vital in identifying potential risks and ensuring that effective mitigation strategies are in place. If you have a strong foundation in risk management and cybersecurity, and are committed to protecting organizations from threats, we invite you to apply for this critical role at Freddie Mac. Our Impact: The Seller/Servicer Information Security Oversight Team, within Third-Party Risk Management, is responsible for monitoring the information security standards of seller/servicers to ensure the safeguarding of Freddie Mac's data in alignment with the Freddie Mac Guide. Our team of cyber risk specialists is actively involved in monitoring, identifying, detecting, and responding to cyber threats. Through regular vulnerability scans, they work diligently to mitigate information security risks to Freddie Mac. Your Impact: * As a Manager, you will play a key role in enhancing our oversight of third-party risk management. Your responsibilities will include: * Leading initiatives to conduct thorough cybersecurity risk assessments. * Applying the Cybersecurity Framework (CSF) to structure and improve our risk management processes. * Collaborating with various stakeholders to identify and assess potential information security risks. * Developing and implementing strategic plans to effectively mitigate identified risks. * Ensuring the continuous improvement of our cybersecurity posture through proactive risk management and oversight. * Conducting comprehensive Information Security risk reviews and interviews with seller/servicers as part of the annual Consolidated Origination and Risk Evaluation (CORE) review. * Analyzing findings from these reviews and developing a detailed risk assessment, backed by supporting evidence. Qualifications: * 8+ years of experience in risk management, internal controls, audit, or compliance, preferably within financial services or mortgage operations * 8 to 10 years of experience in cybersecurity or cyber risk management, with a focus on highly regulated industries. * Bachelor's degree in computer science, engineering, or a related field, or equivalent work experience, preferred. * Proficiency in performing risk analyses, vulnerability assessments, and threat modeling. * Proven track record of leading risk assessment and controls initiatives across business functions * Proven experience engaging with senior leadership to understand and align with strategic goals. * Experience in IT governance, risk, and controls, including familiarity with frameworks such as COBIT, FFIEC, ISO 2700x, and NIST. * Strong analytical and problem-solving skills. * Excellent communication skills for articulating technical risks to non-technical audiences. * In-depth knowledge of cybersecurity principles, networks, and operating systems, with experience in relevant frameworks like NIST and ISO 27001. * Industry certifications such as Sec+, SSCP, GSEC or C|EH, preferred Keys to Success: * Significant understanding of the Third-Party Risk Governance process * Ability to perform additional duties as assigned to support the organization's evolving needs. * Strong analytical and problem-solving skills. * Excellent communication skills for articulating technical risks to non-technical audiences. * In-depth knowledge of cybersecurity principles, networks, and operating systems, with experience in relevant frameworks like NIST and ISO 27001 * Possess a deep understanding of NIST standards and evaluate seller/servicers' compliance with the Freddie Mac Guide. * Identify and assess potential risks and vulnerabilities to our systems and data posed by third parties, utilizing approved monitoring tools. * Conduct thorough risk assessments, analyze potential threats, and evaluate third-party information security processes and procedures. * Identify associated risks and provide a comprehensive risk assessment with supporting evidence. Current Freddie Mac employees please apply through the internal career site. We consider all applicants for all positions without regard to gender, race, color, religion, national origin, age, marital status, veteran status, sexual orientation, gender identity/expression, physical and mental disability, pregnancy, ethnicity, genetic information or any other protected categories under applicable federal, state or local laws. We will ensure that individuals are provided reasonable accommodation to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment. Please contact us to request accommodation. A safe and secure environment is critical to Freddie Mac's business. This includes employee commitment to our acceptable use policy, applying a vigilance-first approach to work, supporting regulatory mandates, and using best practices to protect Freddie Mac from potential threats and risk. Employees exercise this responsibility by executing against policies and procedures and adhering to privacy & security obligations as required via training programs. CA Applicants: Qualified applications with arrest or conviction records will be considered for employment in accordance with the Los Angeles County Fair Chance Ordinance for Employers and the California Fair Chance Act. Notice to External Search Firms: Freddie Mac partners with BountyJobs for contingency search business through outside firms. Resumes received outside the BountyJobs system will be considered unsolicited and Freddie Mac will not be obligated to pay a placement fee. If interested in learning more, please visit ****************** and register with our referral code: MAC. Time-type:Full time FLSA Status:Exempt Freddie Mac offers a comprehensive total rewards package to include competitive compensation and market-leading benefit programs. Information on these benefit programs is available on our Careers site. This position has an annualized market-based salary range of $142,000 - $214,000 and is eligible to participate in the annual incentive program. The final salary offered will generally fall within this range and is dependent on various factors including but not limited to the responsibilities of the position, experience, skill set, internal pay equity and other relevant qualifications of the applicant.

Title: Information Security Manager Department: Information Security Reports to: SVP, Chief Information Officer Supervises: None Classification: Exempt Date Prepared: April 2025 Summary / Objective The Information Security Manager is responsible for developing, implementing, and maintaining the organization's information security program in compliance with the FFIEC IT Examination Handbook and other regulatory requirements. The ISM ensures the protection of sensitive data, manages cyber risks, and works closely with management, IT, risk, and compliance teams to enforce security policies, controls, and best practices. The initial training period will be on-site. After the initial training period, time to be determined, this will be a hybrid role. Experience & Education Requirements: Bachelor's degree in Computer Science, Information Security, Cybersecurity, or a related field or equivalent experience. Industry-recognized certifications such as CISSP, CISM, CISA, CRISC, or GIAC preferred 5+ years of experience in information security, cybersecurity, or IT risk management, preferably within a financial institution. Strong understanding of FFIEC guidelines, Information Security frameworks, PCI-DSS, GLBA, and banking regulations. Experience with security architecture, incident response, SIEM tools, and identity & access management (IAM). Familiarity with cloud security, digital banking risks, and payment systems security. Job Requirements: Strong risk management skills and mindset. Extensive knowledge of cyber security concepts, principles, methods, and products. General knowledge of financial and banking technology including core banking software, loan origination platforms, online and mobile banking platforms, general ledger software, ATM technology, etc., preferred. Proficiency in interpreting and analyzing impact of federal and state regulations, with proficiency in banking regulations required, preferred. Experience performing compliance reviews/audits for a financial institution, preferred. Experience in developing and delivering Information/Cyber Security or other technical training. Ability to communicate complex technical topics to non-technical audience. Ability to keep pace with the rapidly evolving threat landscape. Proficient in Microsoft Office Suite products. Qualifications Specific Job Functions: Governance and Security Program Management Maintain an enterprise-wide information security program in alignment with FFIEC guidelines and industry best practices. Establish and enforce security policies, standards, and procedures to protect the institution's assets, including customer and financial data. Report security risks and incidents to senior management and the Board of Directors. Ensure compliance with regulatory requirements such as GLBA, BSA/AML, PCI-DSS, and other applicable laws. Serve as back up for the risk assessment process, evaluating threats and vulnerabilities to information assets. Risk Management and Compliance Oversee the implementation of technical and administrative security controls to mitigate risks. Monitor compliance with security policies and procedures through audits, reviews, and gap analyses. Ensure the organization follows an established industry framework (e.g., NIST, CIS). Serve as back up for information security risk assessments. Work with IT in ongoing IAM updates and review and monitor IAM reports Incident Response and Business Continuity Develop and maintain the Incident Response Plan (IRP) and coordinate responses to cyber threats, security breaches, and fraud attempts. Complete annual tests and exercises. Establish and test the Business Continuity Plan (BCP) in coordination with IT and Risk Management and individual business units. Complete annual tests and exercises. Serve as the primary point of contact for information security incidents, ensuring appropriate reporting, remediation, and maintaining documentation. Cybersecurity Monitoring and Threat Intelligence Work with IT to oversee real-time security monitoring, including Security Information and Event Management (SIEM) solutions, to detect and respond to threats. Perform reviews of daily, weekly, and monthly Information Security reports. Collaborate with third-party security providers and government agencies (e.g., FS-ISAC, CISA, FBI) for threat intelligence sharing. Oversee regular penetration testing and vulnerability assessments to proactively identify weaknesses. Employee Training and Awareness Design and lead security awareness training programs for employees, ensuring a strong culture of cybersecurity. Conduct phishing simulations, tabletop exercises, and cybersecurity drills to enhance employee readiness. Reporting and Communication Prepare and present security reports, risk assessments, and incident updates to executive management. Communicate regulatory updates, cyber risks, and compliance matters to stakeholders in a clear and concise manner. Privacy Establish and maintain policies, procedures, standards, and guidelines for the Bank's Privacy Program. Responsible for updating Privacy Policy and notices, as necessary. General Assist internal, external, and regulatory auditors with the collection of requested materials, as assigned with their respective engagements. Provide regular reporting to bank management for the Information Security Program and all GLBA compliance. Ensures that areas of direct responsibilities operate within guidelines set for State and Federal laws. Participates in user groups for third-party services providers, industry trade groups and educational programs to remain abreast of current issues and requirements that impact the Bank. Ensure compliance with BSA regulations as appropriate to the position In the performance of respective tasks and duties, the employee is expected to maintain knowledge of and ensure compliance with Bank Secrecy Act regulations and adheres to compliance procedures and internal/operational risk controls in accordance with all applicable regulatory standards, requirements and policies as well as attending all required training sessions and completing all required on-line training courses. Reasonable accommodation may be made to enable individuals with disabilities to perform the essential functions. Other Duties This job description is not designed to cover or contain a comprehensive listing of activities, duties or responsibilities that are required of the employee for this job. It is expected that from time-to-time other duties, both related and unrelated to the above, may be assigned and therefore, required.

The Manager, Information Security is responsible for implementing and executing WPCU's Information Security program and strategies under the leadership of the VP, Information Security. This role will collaborate with all lines of business through projects, risk assessments, controls, and control effectiveness reviews. The manager will oversee tools utilized by the Information Security team to provide feedback on vendors and applications. Position will be responsible for collaboration with various business units during a data incident to ensure incidents are properly documented and evidence is captured. This role will be expected to provide thought leadership to ensure the efficiency and effectiveness of the Information Security team. The major activities for this position include: 1) Information Security Operations (40%) a) Develop and oversee control effectiveness reviews to ensure all activities align in scope and frequency with information security policies and approved information security frameworks. b) Develop and oversee information security's involvement with vendor due diligence processes. c) Develop and oversee Identity Access Governance processes to ensure alignment with the principle of least privilege access. d) Develop and oversee information security related risk assessments. Develop and oversee processes to rate criticality of applications and controls to ensure risk assessments are aligned. e) Ensure all assessments are completed in a timely manner including developing appropriate cross training plans to schedule impacts. f) Develop and oversee reporting related to all assessments to ensure risk levels are appropriately assigned and management responses are captured. g) Ensure identified gaps from information security assessments are appropriately tracked. Coordinate with various business units to collect timely updates. 2) Personnel Management & Procedures (20%) a) Mentor assigned partners by administering individual development plans, making recommendations for promotions, or implementing coaching plans. This includes performing regular 1-on-1s with partners and completing annual reviews. b) Ensure departmental procedures are effective, up-to-date, and follow company standards. 3) Project Management (20%) a) Participate in project planning events to provide estimated work effort for projects including pro-active escalation of resources constraints to the VP of Information Security. b) Assist in fostering an enterprise-wide security first culture by participating in project requirement gathering session. Inform project owners of applicable controls, audit findings, or control effectiveness gaps that are appropriate for the project. c) Attend on-going project meetings to advise and ensure information security controls are addressed. 4) Incident Management (10%) a) Role will be responsible for ensuring data incidents are tracked, properly documented, and evidence has been collected. b) Provide regular status updates to the VP of Information Security on open data incidents. 5) Audit and Regulatory Exam Support (10%) a) Assist the Vice President of Information Security with internal and external audits to ensure document collections are completed in a timely manner and properly vetted. b) Serve as subject matter expert during internal and external audits related to activities completed by Information Security. c) Ensure assigned business units are operating efficiently and reliably, are in compliance with applicable laws, regulations, and rules, have appropriate operating controls to mitigate risk, and are performing at a high level. Required Skills This leader in information security must be skilled at developing and leading strategic Information Security programs across the enterprise in a complex, multi-system and multi-vendor environment. Strong, practical knowledge of Information Security concepts and technical architecture are essential. Expert knowledge of risk and information security frameworks are essential. 1) A bachelor's degree is required, preferably in Information Technology, Information Security, or a related field. A master's degree in a related discipline is preferred. 2) At least 7+ years of experience in Information Technology or Information Security is required, with at least 3+ years of experience in a leadership role. Demonstrated experience with developing mapping controls to business processes, building control effectiveness reviews, or building risk ratings to allow business units to identify priorities is preferred. 3) A Certified Information System Security Professional (CISSP), Certified Information Security manager (CISM), or similar certification is required. 4) Demonstrate experience in evaluating vendor due diligence and vendor risk assessment processes. 5) Demonstrate experience in Identity Access Management including how to perform user access and rights reviews to align with least privilege access. 6) Demonstrate experience with developing and implementing a risk assessment process that is collaborative with business units and documents risk in accordance with board approved risk appetite. 7) Demonstrate strong leadership skills including the ability to work collaboratively and manage a remote workforce. 8) Demonstrate ability to drive and manage initiatives that increase operational efficiency, enhances quality, and improves/maintains service levels.

Mount Laurel, New Jersey, United States of America **Hours:** 40 **Pay Details:** $87,000 - $151,000 USD TD is committed to providing fair and equitable compensation opportunities to all colleagues. Growth opportunities and skill development are defining features of the colleague experience at TD. Our compensation policies and practices have been designed to allow colleagues to progress through the salary range over time as they progress in their role. The base pay actually offered may vary based upon the candidate's skills and experience, job-related knowledge, geographic location, and other specific business and organizational needs. As a candidate, you are encouraged to ask compensation related questions and have an open dialogue with your recruiter who can provide you more specific details for this role. **Line of Business:** Technology Solutions **:** The Manager Information Security manages / leads a team of Technology Controls / Information Security experts in the development and/ or management of relevant strategies, programs, tools, frameworks and policies and provides specialized oversight / control / governance activities for a key business line/segment or transformational (change the bank) strategic initiative / program, liaising across the organization and primarily interfacing with executive and/or functional stakeholders to minimize overall technology risks to the Bank for own area. **Job Description:** This position manages junior level penetration testers, vendor coordination for multiple testing services, processes, procedures and scheduling for penetration, dynamic scanning, and manual code review testing services. **Responsibilities:** + **Vendor Management:** Manage and coordinate penetration testing engagements with vendors. + **People Management:** Manage a team of Junior level penetration testers and their development. + **DAST:** Manage the DAST program and tooling. Familiarity with current industry tooling and technologies and those being introduced. + **Facilitate Penetration Tests:** Perform thorough and methodical penetration testing. + **Evaluate and Assign:** penetration tests to appropriate resources. + **Vulnerability Assessment:** Assess and analyze security weaknesses, and provide actionable recommendations to mitigate risks and improve overall security posture. + **Report Findings:** Document and communicate findings clearly and effectively to both technical and non-technical stakeholders. Prepare comprehensive reports with recommendations for remediation. + **Develop Test Procedures:** Design and execute detailed test requirements. + **Stay Current:** Keep up-to-date with the latest security trends, vulnerabilities, and tools to ensure testing methodologies are current and effective. + **Collaborate with Teams:** Work closely with IT and development teams to understand system architectures, provide guidance on security best practices, and support the implementation of security improvements; work closely with advisory and SDLC pipeline teams to ensure compliance; work closely with PCS team to manage PCI testing requirements. This position will collaborate with many application security teams. + **Perform Risk Assessments:** Evaluate and assess potential security risks related to new and existing systems and technologies. + **Compliance:** Ensure that penetration testing practices comply with relevant regulations, standards, and organizational policies. + **Incidents:** Act as a testing SME on incident calls; support testers on the calls. **Depth & Scope:** + Advanced knowledge of Bank, technology standards and managing people / projects + Leads a small team of IT professionals; coaches/ educates, monitors and manages team members + Strong communication, negotiation and organizational skills specifically including the ability to present options in business terms to both IT and business staff including executives **Education & Experience:** + Bachelor's degree preferred + Information security certification / accreditation an asset + 7+ years of relevant experience **Preferred Qualifications :** + **Technical Skills:** + Proficiency in penetration testing tools such as Metasploit, Burp Suite, Nmap, and Kali. + Knowledge of common web application vulnerabilities (e.g., OWASP Top Ten) and network security principles. + Penetration testing, DAST, Manual Code Review knowledge. + **Analytical Skills:** Strong analytical and problem-solving abilities with attention to detail. + **Organizational Skills:** Manage documents and procedures for testing team. + **Multi-tasking** : This job requires exceptional ability to multi-task with multiple workstreams to manage daily. + **Communication:** Excellent verbal and written communication skills, with the ability to convey complex technical concepts to non-technical stakeholders. + **Ethical Standards:** Demonstrated understanding of ethical hacking principles and a commitment to maintaining high ethical standards. + Experience with penetration testing in AI, cloud environments (e.g., AWS, Azure) and PCI testing. + Familiarity with security standards and frameworks. + Previous experience managing and developing teams. + **Certifications:** Relevant certifications such as Offensive Security Certified Professional (OSCP), Certified Ethical Hacker (CEH), or GIAC Penetration Tester (GPEN) are highly desirable. + Provide support and consulting in preparation for Audits and in composing management responses and appropriate remediation activities + Participate in computer security incident responses relevant to business (or enterprise wide) and represent respective function and Enterprise position to the business, and business needs to incident response team \#TDCyberSecurity #Hybrid **Physical Requirements:** Never: 0%; Occasional: 1-33%; Frequent: 34-66%; Continuous: 67-100% + Domestic Travel - Occasional + International Travel - Never + Performing sedentary work - Continuous + Performing multiple tasks - Continuous + Operating standard office equipment - Continuous + Responding quickly to sounds - Occasional + Sitting - Continuous + Standing - Occasional + Walking - Occasional + Moving safely in confined spaces - Occasional + Lifting/Carrying (under 25 lbs.) - Occasional + Lifting/Carrying (over 25 lbs.) - Never + Squatting - Occasional + Bending - Occasional + Kneeling - Never + Crawling - Never + Climbing - Never + Reaching overhead - Never + Reaching forward - Occasional + Pushing - Never + Pulling - Never + Twisting - Never + Concentrating for long periods of time - Continuous + Applying common sense to deal with problems involving standardized situations - Continuous + Reading, writing and comprehending instructions - Continuous + Adding, subtracting, multiplying and dividing - Continuous The above statements are intended to describe the general nature and level of work being performed by people assigned to this job. They are not intended to be an exhaustive list of all responsibilities, duties and skills required. The listed or specified responsibilities & duties are considered essential functions for ADA purposes. **Who We Are:** TD is one of the world's leading global financial institutions and is the fifth largest bank in North America by branches/stores. Every day, we deliver legendary customer experiences to over 27 million households and businesses in Canada, the United States and around the world. More than 95,000 TD colleagues bring their skills, talent, and creativity to the Bank, those we serve, and the economies we support. We are guided by our vision to Be the Better Bank and our purpose to enrich the lives of our customers, communities and colleagues. TD is deeply committed to being a leader in customer experience, that is why we believe that all colleagues, no matter where they work, are customer facing. As we build our business and deliver on our strategy, we are innovating to enhance the customer experience and build capabilities to shape the future of banking. Whether you've got years of banking experience or are just starting your career in financial services, we can help you realize your potential. Through regular leadership and development conversations to mentorship and training programs, we're here to support you towards your goals. As an organization, we keep growing - and so will you. **Our Total Rewards Package** Our Total Rewards package reflects the investments we make in our colleagues to help them and their families achieve their financial, physical and mental well-being goals. Total Rewards at TD includes base salary and variable compensation/incentive awards (e.g., eligibility for cash and/or equity incentive awards, generally through participation in an incentive plan) and several other key plans such as health and well-being benefits, savings and retirement programs, paid time off (including Vacation PTO, Flex PTO, and Holiday PTO), banking benefits and discounts, career development, and reward and recognition. Learn more (*************************************** **Additional Information:** We're delighted that you're considering building a career with TD. Through regular development conversations, training programs, and a competitive benefits plan, we're committed to providing the support our colleagues need to thrive both at work and at home. **Colleague Development** If you're interested in a specific career path or are looking to build certain skills, we want to help you succeed. You'll have regular career, development, and performance conversations with your manager, as well as access to an online learning platform and a variety of mentoring programs to help you unlock future opportunities. Whether you have a passion for helping customers and want to expand your experience, or you want to coach and inspire your colleagues, there are many different career paths within our organization at TD - and we're committed to helping you identify opportunities that support your goals. **Training & Onboarding** We will provide training and onboarding sessions to ensure that you've got everything you need to succeed in your new role. **Interview Process** We'll reach out to candidates of interest to schedule an interview. We do our best to communicate outcomes to all applicants by email or phone call. **Accommodation** TD Bank is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, status as a protected veteran or any other characteristic protected under applicable federal, state, or local law. If you are an applicant with a disability and need accommodations to complete the application process, please email TD Bank US Workplace Accommodations Program at *************** . Include your full name, best way to reach you and the accommodation needed to assist you with the applicant process. Federal law prohibits job discrimination based on race, color, sex, sexual orientation, gender identity, national origin, religion, age, equal pay, disability and genetic information.

Hours: 40 Pay Details: $87,000 - $151,000 USD TD is committed to providing fair and equitable compensation opportunities to all colleagues. Growth opportunities and skill development are defining features of the colleague experience at TD. Our compensation policies and practices have been designed to allow colleagues to progress through the salary range over time as they progress in their role. The base pay actually offered may vary based upon the candidate's skills and experience, job-related knowledge, geographic location, and other specific business and organizational needs. As a candidate, you are encouraged to ask compensation related questions and have an open dialogue with your recruiter who can provide you more specific details for this role. Line of Business: Technology Solutions : The Manager Information Security manages / leads a team of Technology Controls / Information Security experts in the development and/ or management of relevant strategies, programs, tools, frameworks and policies and provides specialized oversight / control / governance activities for a key business line/segment or transformational (change the bank) strategic initiative / program, liaising across the organization and primarily interfacing with executive and/or functional stakeholders to minimize overall technology risks to the Bank for own area. Job Description: This position manages junior level penetration testers, vendor coordination for multiple testing services, processes, procedures and scheduling for penetration, dynamic scanning, and manual code review testing services. Responsibilities: * Vendor Management: Manage and coordinate penetration testing engagements with vendors. * People Management: Manage a team of Junior level penetration testers and their development. * DAST: Manage the DAST program and tooling. Familiarity with current industry tooling and technologies and those being introduced. * Facilitate Penetration Tests: Perform thorough and methodical penetration testing. * Evaluate and Assign: penetration tests to appropriate resources. * Vulnerability Assessment: Assess and analyze security weaknesses, and provide actionable recommendations to mitigate risks and improve overall security posture. * Report Findings: Document and communicate findings clearly and effectively to both technical and non-technical stakeholders. Prepare comprehensive reports with recommendations for remediation. * Develop Test Procedures: Design and execute detailed test requirements. * Stay Current: Keep up-to-date with the latest security trends, vulnerabilities, and tools to ensure testing methodologies are current and effective. * Collaborate with Teams: Work closely with IT and development teams to understand system architectures, provide guidance on security best practices, and support the implementation of security improvements; work closely with advisory and SDLC pipeline teams to ensure compliance; work closely with PCS team to manage PCI testing requirements. This position will collaborate with many application security teams. * Perform Risk Assessments: Evaluate and assess potential security risks related to new and existing systems and technologies. * Compliance: Ensure that penetration testing practices comply with relevant regulations, standards, and organizational policies. * Incidents: Act as a testing SME on incident calls; support testers on the calls. Depth & Scope: * Advanced knowledge of Bank, technology standards and managing people / projects * Leads a small team of IT professionals; coaches/ educates, monitors and manages team members * Strong communication, negotiation and organizational skills specifically including the ability to present options in business terms to both IT and business staff including executives Education & Experience: * Bachelor's degree preferred * Information security certification / accreditation an asset * 7+ years of relevant experience Preferred Qualifications : * Technical Skills: * Proficiency in penetration testing tools such as Metasploit, Burp Suite, Nmap, and Kali. * Knowledge of common web application vulnerabilities (e.g., OWASP Top Ten) and network security principles. * Penetration testing, DAST, Manual Code Review knowledge. * Analytical Skills: Strong analytical and problem-solving abilities with attention to detail. * Organizational Skills: Manage documents and procedures for testing team. * Multi-tasking: This job requires exceptional ability to multi-task with multiple workstreams to manage daily. * Communication: Excellent verbal and written communication skills, with the ability to convey complex technical concepts to non-technical stakeholders. * Ethical Standards: Demonstrated understanding of ethical hacking principles and a commitment to maintaining high ethical standards. * Experience with penetration testing in AI, cloud environments (e.g., AWS, Azure) and PCI testing. * Familiarity with security standards and frameworks. * Previous experience managing and developing teams. * Certifications: Relevant certifications such as Offensive Security Certified Professional (OSCP), Certified Ethical Hacker (CEH), or GIAC Penetration Tester (GPEN) are highly desirable. * Provide support and consulting in preparation for Audits and in composing management responses and appropriate remediation activities * Participate in computer security incident responses relevant to business (or enterprise wide) and represent respective function and Enterprise position to the business, and business needs to incident response team #TDCyberSecurity #Hybrid Physical Requirements: Never: 0%; Occasional: 1-33%; Frequent: 34-66%; Continuous: 67-100% * Domestic Travel - Occasional * International Travel - Never * Performing sedentary work - Continuous * Performing multiple tasks - Continuous * Operating standard office equipment - Continuous * Responding quickly to sounds - Occasional * Sitting - Continuous * Standing - Occasional * Walking - Occasional * Moving safely in confined spaces - Occasional * Lifting/Carrying (under 25 lbs.) - Occasional * Lifting/Carrying (over 25 lbs.) - Never * Squatting - Occasional * Bending - Occasional * Kneeling - Never * Crawling - Never * Climbing - Never * Reaching overhead - Never * Reaching forward - Occasional * Pushing - Never * Pulling - Never * Twisting - Never * Concentrating for long periods of time - Continuous * Applying common sense to deal with problems involving standardized situations - Continuous * Reading, writing and comprehending instructions - Continuous * Adding, subtracting, multiplying and dividing - Continuous The above statements are intended to describe the general nature and level of work being performed by people assigned to this job. They are not intended to be an exhaustive list of all responsibilities, duties and skills required. The listed or specified responsibilities & duties are considered essential functions for ADA purposes. Who We Are: TD is one of the world's leading global financial institutions and is the fifth largest bank in North America by branches/stores. Every day, we deliver legendary customer experiences to over 27 million households and businesses in Canada, the United States and around the world. More than 95,000 TD colleagues bring their skills, talent, and creativity to the Bank, those we serve, and the economies we support. We are guided by our vision to Be the Better Bank and our purpose to enrich the lives of our customers, communities and colleagues. TD is deeply committed to being a leader in customer experience, that is why we believe that all colleagues, no matter where they work, are customer facing. As we build our business and deliver on our strategy, we are innovating to enhance the customer experience and build capabilities to shape the future of banking. Whether you've got years of banking experience or are just starting your career in financial services, we can help you realize your potential. Through regular leadership and development conversations to mentorship and training programs, we're here to support you towards your goals. As an organization, we keep growing - and so will you. Our Total Rewards Package Our Total Rewards package reflects the investments we make in our colleagues to help them and their families achieve their financial, physical and mental well-being goals. Total Rewards at TD includes base salary and variable compensation/incentive awards (e.g., eligibility for cash and/or equity incentive awards, generally through participation in an incentive plan) and several other key plans such as health and well-being benefits, savings and retirement programs, paid time off (including Vacation PTO, Flex PTO, and Holiday PTO), banking benefits and discounts, career development, and reward and recognition. Learn more Additional Information: We're delighted that you're considering building a career with TD. Through regular development conversations, training programs, and a competitive benefits plan, we're committed to providing the support our colleagues need to thrive both at work and at home. Colleague Development If you're interested in a specific career path or are looking to build certain skills, we want to help you succeed. You'll have regular career, development, and performance conversations with your manager, as well as access to an online learning platform and a variety of mentoring programs to help you unlock future opportunities. Whether you have a passion for helping customers and want to expand your experience, or you want to coach and inspire your colleagues, there are many different career paths within our organization at TD - and we're committed to helping you identify opportunities that support your goals. Training & Onboarding We will provide training and onboarding sessions to ensure that you've got everything you need to succeed in your new role. Interview Process We'll reach out to candidates of interest to schedule an interview. We do our best to communicate outcomes to all applicants by email or phone call. Accommodation TD Bank is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, status as a protected veteran or any other characteristic protected under applicable federal, state, or local law. If you are an applicant with a disability and need accommodations to complete the application process, please email TD Bank US Workplace Accommodations Program at ***************. Include your full name, best way to reach you and the accommodation needed to assist you with the applicant process.

Mount Laurel, New Jersey, United States of America **Hours:** 40 **Pay Details:** $87,000 - $151,000 USD TD is committed to providing fair and equitable compensation opportunities to all colleagues. Growth opportunities and skill development are defining features of the colleague experience at TD. Our compensation policies and practices have been designed to allow colleagues to progress through the salary range over time as they progress in their role. The base pay actually offered may vary based upon the candidate's skills and experience, job-related knowledge, geographic location, and other specific business and organizational needs. As a candidate, you are encouraged to ask compensation related questions and have an open dialogue with your recruiter who can provide you more specific details for this role. **Line of Business:** Technology Solutions **:** The Manager Information Security manages / leads a team of Technology Controls / Information Security experts in the development and/ or management of relevant strategies, programs, tools, frameworks and policies and provides specialized oversight / control / governance activities for a key business line/segment or transformational (change the bank) strategic initiative / program, liaising across the organization and primarily interfacing with executive and/or functional stakeholders to minimize overall technology risks to the Bank for own area. **Job Description:** This position manages junior level penetration testers, vendor coordination for multiple testing services, processes, procedures and scheduling for penetration, dynamic scanning, and manual code review testing services. **Responsibilities:** + **Vendor Management:** Manage and coordinate penetration testing engagements with vendors. + **People Management:** Manage a team of Junior level penetration testers and their development. + **DAST:** Manage the DAST program and tooling. Familiarity with current industry tooling and technologies and those being introduced. + **Facilitate Penetration Tests:** Perform thorough and methodical penetration testing. + **Evaluate and Assign:** penetration tests to appropriate resources. + **Vulnerability Assessment:** Assess and analyze security weaknesses, and provide actionable recommendations to mitigate risks and improve overall security posture. + **Report Findings:** Document and communicate findings clearly and effectively to both technical and non-technical stakeholders. Prepare comprehensive reports with recommendations for remediation. + **Develop Test Procedures:** Design and execute detailed test requirements. + **Stay Current:** Keep up-to-date with the latest security trends, vulnerabilities, and tools to ensure testing methodologies are current and effective. + **Collaborate with Teams:** Work closely with IT and development teams to understand system architectures, provide guidance on security best practices, and support the implementation of security improvements; work closely with advisory and SDLC pipeline teams to ensure compliance; work closely with PCS team to manage PCI testing requirements. This position will collaborate with many application security teams. + **Perform Risk Assessments:** Evaluate and assess potential security risks related to new and existing systems and technologies. + **Compliance:** Ensure that penetration testing practices comply with relevant regulations, standards, and organizational policies. + **Incidents:** Act as a testing SME on incident calls; support testers on the calls. **Depth & Scope:** + Advanced knowledge of Bank, technology standards and managing people / projects + Leads a small team of IT professionals; coaches/ educates, monitors and manages team members + Strong communication, negotiation and organizational skills specifically including the ability to present options in business terms to both IT and business staff including executives **Education & Experience:** + Bachelor's degree preferred + Information security certification / accreditation an asset + 7+ years of relevant experience **Preferred Qualifications :** + **Technical Skills:** + Proficiency in penetration testing tools such as Metasploit, Burp Suite, Nmap, and Kali. + Knowledge of common web application vulnerabilities (e.g., OWASP Top Ten) and network security principles. + Penetration testing, DAST, Manual Code Review knowledge. + **Analytical Skills:** Strong analytical and problem-solving abilities with attention to detail. + **Organizational Skills:** Manage documents and procedures for testing team. + **Multi-tasking** : This job requires exceptional ability to multi-task with multiple workstreams to manage daily. + **Communication:** Excellent verbal and written communication skills, with the ability to convey complex technical concepts to non-technical stakeholders. + **Ethical Standards:** Demonstrated understanding of ethical hacking principles and a commitment to maintaining high ethical standards. + Experience with penetration testing in AI, cloud environments (e.g., AWS, Azure) and PCI testing. + Familiarity with security standards and frameworks. + Previous experience managing and developing teams. + **Certifications:** Relevant certifications such as Offensive Security Certified Professional (OSCP), Certified Ethical Hacker (CEH), or GIAC Penetration Tester (GPEN) are highly desirable. + Provide support and consulting in preparation for Audits and in composing management responses and appropriate remediation activities + Participate in computer security incident responses relevant to business (or enterprise wide) and represent respective function and Enterprise position to the business, and business needs to incident response team \#TDCyberSecurity #Hybrid **Physical Requirements:** Never: 0%; Occasional: 1-33%; Frequent: 34-66%; Continuous: 67-100% + Domestic Travel - Occasional + International Travel - Never + Performing sedentary work - Continuous + Performing multiple tasks - Continuous + Operating standard office equipment - Continuous + Responding quickly to sounds - Occasional + Sitting - Continuous + Standing - Occasional + Walking - Occasional + Moving safely in confined spaces - Occasional + Lifting/Carrying (under 25 lbs.) - Occasional + Lifting/Carrying (over 25 lbs.) - Never + Squatting - Occasional + Bending - Occasional + Kneeling - Never + Crawling - Never + Climbing - Never + Reaching overhead - Never + Reaching forward - Occasional + Pushing - Never + Pulling - Never + Twisting - Never + Concentrating for long periods of time - Continuous + Applying common sense to deal with problems involving standardized situations - Continuous + Reading, writing and comprehending instructions - Continuous + Adding, subtracting, multiplying and dividing - Continuous The above statements are intended to describe the general nature and level of work being performed by people assigned to this job. They are not intended to be an exhaustive list of all responsibilities, duties and skills required. The listed or specified responsibilities & duties are considered essential functions for ADA purposes. **Who We Are:** TD is one of the world's leading global financial institutions and is the fifth largest bank in North America by branches/stores. Every day, we deliver legendary customer experiences to over 27 million households and businesses in Canada, the United States and around the world. More than 95,000 TD colleagues bring their skills, talent, and creativity to the Bank, those we serve, and the economies we support. We are guided by our vision to Be the Better Bank and our purpose to enrich the lives of our customers, communities and colleagues. TD is deeply committed to being a leader in customer experience, that is why we believe that all colleagues, no matter where they work, are customer facing. As we build our business and deliver on our strategy, we are innovating to enhance the customer experience and build capabilities to shape the future of banking. Whether you've got years of banking experience or are just starting your career in financial services, we can help you realize your potential. Through regular leadership and development conversations to mentorship and training programs, we're here to support you towards your goals. As an organization, we keep growing - and so will you. **Our Total Rewards Package** Our Total Rewards package reflects the investments we make in our colleagues to help them and their families achieve their financial, physical and mental well-being goals. Total Rewards at TD includes base salary and variable compensation/incentive awards (e.g., eligibility for cash and/or equity incentive awards, generally through participation in an incentive plan) and several other key plans such as health and well-being benefits, savings and retirement programs, paid time off (including Vacation PTO, Flex PTO, and Holiday PTO), banking benefits and discounts, career development, and reward and recognition. Learn more (*************************************** **Additional Information:** We're delighted that you're considering building a career with TD. Through regular development conversations, training programs, and a competitive benefits plan, we're committed to providing the support our colleagues need to thrive both at work and at home. **Colleague Development** If you're interested in a specific career path or are looking to build certain skills, we want to help you succeed. You'll have regular career, development, and performance conversations with your manager, as well as access to an online learning platform and a variety of mentoring programs to help you unlock future opportunities. Whether you have a passion for helping customers and want to expand your experience, or you want to coach and inspire your colleagues, there are many different career paths within our organization at TD - and we're committed to helping you identify opportunities that support your goals. **Training & Onboarding** We will provide training and onboarding sessions to ensure that you've got everything you need to succeed in your new role. **Interview Process** We'll reach out to candidates of interest to schedule an interview. We do our best to communicate outcomes to all applicants by email or phone call. **Accommodation** TD Bank is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, status as a protected veteran or any other characteristic protected under applicable federal, state, or local law. If you are an applicant with a disability and need accommodations to complete the application process, please email TD Bank US Workplace Accommodations Program at *************** . Include your full name, best way to reach you and the accommodation needed to assist you with the applicant process. Federal law prohibits job discrimination based on race, color, sex, sexual orientation, gender identity, national origin, religion, age, equal pay, disability and genetic information.

Hours: 40 Pay Details: $87,000 - $151,000 USD TD is committed to providing fair and equitable compensation opportunities to all colleagues. Growth opportunities and skill development are defining features of the colleague experience at TD. Our compensation policies and practices have been designed to allow colleagues to progress through the salary range over time as they progress in their role. The base pay actually offered may vary based upon the candidate's skills and experience, job-related knowledge, geographic location, and other specific business and organizational needs. As a candidate, you are encouraged to ask compensation related questions and have an open dialogue with your recruiter who can provide you more specific details for this role. Line of Business: Technology Solutions : The Manager Information Security manages / leads a team of Technology Controls / Information Security experts in the development and/ or management of relevant strategies, programs, tools, frameworks and policies and provides specialized oversight / control / governance activities for a key business line/segment or transformational (change the bank) strategic initiative / program, liaising across the organization and primarily interfacing with executive and/or functional stakeholders to minimize overall technology risks to the Bank for own area. Job Description: This position manages junior level penetration testers, vendor coordination for multiple testing services, processes, procedures and scheduling for penetration, dynamic scanning, and manual code review testing services. Responsibilities: * Vendor Management: Manage and coordinate penetration testing engagements with vendors. * People Management: Manage a team of Junior level penetration testers and their development. * DAST: Manage the DAST program and tooling. Familiarity with current industry tooling and technologies and those being introduced. * Facilitate Penetration Tests: Perform thorough and methodical penetration testing. * Evaluate and Assign: penetration tests to appropriate resources. * Vulnerability Assessment: Assess and analyze security weaknesses, and provide actionable recommendations to mitigate risks and improve overall security posture. * Report Findings: Document and communicate findings clearly and effectively to both technical and non-technical stakeholders. Prepare comprehensive reports with recommendations for remediation. * Develop Test Procedures: Design and execute detailed test requirements. * Stay Current: Keep up-to-date with the latest security trends, vulnerabilities, and tools to ensure testing methodologies are current and effective. * Collaborate with Teams: Work closely with IT and development teams to understand system architectures, provide guidance on security best practices, and support the implementation of security improvements; work closely with advisory and SDLC pipeline teams to ensure compliance; work closely with PCS team to manage PCI testing requirements. This position will collaborate with many application security teams. * Perform Risk Assessments: Evaluate and assess potential security risks related to new and existing systems and technologies. * Compliance: Ensure that penetration testing practices comply with relevant regulations, standards, and organizational policies. * Incidents: Act as a testing SME on incident calls; support testers on the calls. Depth & Scope: * Advanced knowledge of Bank, technology standards and managing people / projects * Leads a small team of IT professionals; coaches/ educates, monitors and manages team members * Strong communication, negotiation and organizational skills specifically including the ability to present options in business terms to both IT and business staff including executives Education & Experience: * Bachelor's degree preferred * Information security certification / accreditation an asset * 7+ years of relevant experience Preferred Qualifications : * Technical Skills: * Proficiency in penetration testing tools such as Metasploit, Burp Suite, Nmap, and Kali. * Knowledge of common web application vulnerabilities (e.g., OWASP Top Ten) and network security principles. * Penetration testing, DAST, Manual Code Review knowledge. * Analytical Skills: Strong analytical and problem-solving abilities with attention to detail. * Organizational Skills: Manage documents and procedures for testing team. * Multi-tasking: This job requires exceptional ability to multi-task with multiple workstreams to manage daily. * Communication: Excellent verbal and written communication skills, with the ability to convey complex technical concepts to non-technical stakeholders. * Ethical Standards: Demonstrated understanding of ethical hacking principles and a commitment to maintaining high ethical standards. * Experience with penetration testing in AI, cloud environments (e.g., AWS, Azure) and PCI testing. * Familiarity with security standards and frameworks. * Previous experience managing and developing teams. * Certifications: Relevant certifications such as Offensive Security Certified Professional (OSCP), Certified Ethical Hacker (CEH), or GIAC Penetration Tester (GPEN) are highly desirable. * Provide support and consulting in preparation for Audits and in composing management responses and appropriate remediation activities * Participate in computer security incident responses relevant to business (or enterprise wide) and represent respective function and Enterprise position to the business, and business needs to incident response team #TDCyberSecurity #Hybrid Physical Requirements: Never: 0%; Occasional: 1-33%; Frequent: 34-66%; Continuous: 67-100% * Domestic Travel - Occasional * International Travel - Never * Performing sedentary work - Continuous * Performing multiple tasks - Continuous * Operating standard office equipment - Continuous * Responding quickly to sounds - Occasional * Sitting - Continuous * Standing - Occasional * Walking - Occasional * Moving safely in confined spaces - Occasional * Lifting/Carrying (under 25 lbs.) - Occasional * Lifting/Carrying (over 25 lbs.) - Never * Squatting - Occasional * Bending - Occasional * Kneeling - Never * Crawling - Never * Climbing - Never * Reaching overhead - Never * Reaching forward - Occasional * Pushing - Never * Pulling - Never * Twisting - Never * Concentrating for long periods of time - Continuous * Applying common sense to deal with problems involving standardized situations - Continuous * Reading, writing and comprehending instructions - Continuous * Adding, subtracting, multiplying and dividing - Continuous The above statements are intended to describe the general nature and level of work being performed by people assigned to this job. They are not intended to be an exhaustive list of all responsibilities, duties and skills required. The listed or specified responsibilities & duties are considered essential functions for ADA purposes. Who We Are: TD is one of the world's leading global financial institutions and is the fifth largest bank in North America by branches/stores. Every day, we deliver legendary customer experiences to over 27 million households and businesses in Canada, the United States and around the world. More than 95,000 TD colleagues bring their skills, talent, and creativity to the Bank, those we serve, and the economies we support. We are guided by our vision to Be the Better Bank and our purpose to enrich the lives of our customers, communities and colleagues. TD is deeply committed to being a leader in customer experience, that is why we believe that all colleagues, no matter where they work, are customer facing. As we build our business and deliver on our strategy, we are innovating to enhance the customer experience and build capabilities to shape the future of banking. Whether you've got years of banking experience or are just starting your career in financial services, we can help you realize your potential. Through regular leadership and development conversations to mentorship and training programs, we're here to support you towards your goals. As an organization, we keep growing - and so will you. Our Total Rewards Package Our Total Rewards package reflects the investments we make in our colleagues to help them and their families achieve their financial, physical and mental well-being goals. Total Rewards at TD includes base salary and variable compensation/incentive awards (e.g., eligibility for cash and/or equity incentive awards, generally through participation in an incentive plan) and several other key plans such as health and well-being benefits, savings and retirement programs, paid time off (including Vacation PTO, Flex PTO, and Holiday PTO), banking benefits and discounts, career development, and reward and recognition. Learn more Additional Information: We're delighted that you're considering building a career with TD. Through regular development conversations, training programs, and a competitive benefits plan, we're committed to providing the support our colleagues need to thrive both at work and at home. Colleague Development If you're interested in a specific career path or are looking to build certain skills, we want to help you succeed. You'll have regular career, development, and performance conversations with your manager, as well as access to an online learning platform and a variety of mentoring programs to help you unlock future opportunities. Whether you have a passion for helping customers and want to expand your experience, or you want to coach and inspire your colleagues, there are many different career paths within our organization at TD - and we're committed to helping you identify opportunities that support your goals. Training & Onboarding We will provide training and onboarding sessions to ensure that you've got everything you need to succeed in your new role. Interview Process We'll reach out to candidates of interest to schedule an interview. We do our best to communicate outcomes to all applicants by email or phone call. Accommodation TD Bank is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, status as a protected veteran or any other characteristic protected under applicable federal, state, or local law. If you are an applicant with a disability and need accommodations to complete the application process, please email TD Bank US Workplace Accommodations Program at ***************. Include your full name, best way to reach you and the accommodation needed to assist you with the applicant process.

Mount Laurel, New Jersey, United States of America **Hours:** 40 **Pay Details:** $87,000 - $151,000 USD TD is committed to providing fair and equitable compensation opportunities to all colleagues. Growth opportunities and skill development are defining features of the colleague experience at TD. Our compensation policies and practices have been designed to allow colleagues to progress through the salary range over time as they progress in their role. The base pay actually offered may vary based upon the candidate's skills and experience, job-related knowledge, geographic location, and other specific business and organizational needs. As a candidate, you are encouraged to ask compensation related questions and have an open dialogue with your recruiter who can provide you more specific details for this role. **Line of Business:** Technology Solutions **:** The Manager Information Security manages / leads a team of Technology Controls / Information Security experts in the development and/ or management of relevant strategies, programs, tools, frameworks and policies and provides specialized oversight / control / governance activities for a key business line/segment or transformational (change the bank) strategic initiative / program, liaising across the organization and primarily interfacing with executive and/or functional stakeholders to minimize overall technology risks to the Bank for own area. **Job Description:** This position manages junior level penetration testers, vendor coordination for multiple testing services, processes, procedures and scheduling for penetration, dynamic scanning, and manual code review testing services. **Responsibilities:** + **Vendor Management:** Manage and coordinate penetration testing engagements with vendors. + **People Management:** Manage a team of Junior level penetration testers and their development. + **DAST:** Manage the DAST program and tooling. Familiarity with current industry tooling and technologies and those being introduced. + **Facilitate Penetration Tests:** Perform thorough and methodical penetration testing. + **Evaluate and Assign:** penetration tests to appropriate resources. + **Vulnerability Assessment:** Assess and analyze security weaknesses, and provide actionable recommendations to mitigate risks and improve overall security posture. + **Report Findings:** Document and communicate findings clearly and effectively to both technical and non-technical stakeholders. Prepare comprehensive reports with recommendations for remediation. + **Develop Test Procedures:** Design and execute detailed test requirements. + **Stay Current:** Keep up-to-date with the latest security trends, vulnerabilities, and tools to ensure testing methodologies are current and effective. + **Collaborate with Teams:** Work closely with IT and development teams to understand system architectures, provide guidance on security best practices, and support the implementation of security improvements; work closely with advisory and SDLC pipeline teams to ensure compliance; work closely with PCS team to manage PCI testing requirements. This position will collaborate with many application security teams. + **Perform Risk Assessments:** Evaluate and assess potential security risks related to new and existing systems and technologies. + **Compliance:** Ensure that penetration testing practices comply with relevant regulations, standards, and organizational policies. + **Incidents:** Act as a testing SME on incident calls; support testers on the calls. **Depth & Scope:** + Advanced knowledge of Bank, technology standards and managing people / projects + Leads a small team of IT professionals; coaches/ educates, monitors and manages team members + Strong communication, negotiation and organizational skills specifically including the ability to present options in business terms to both IT and business staff including executives **Education & Experience:** + Bachelor's degree preferred + Information security certification / accreditation an asset + 7+ years of relevant experience **Preferred Qualifications :** + **Technical Skills:** + Proficiency in penetration testing tools such as Metasploit, Burp Suite, Nmap, and Kali. + Knowledge of common web application vulnerabilities (e.g., OWASP Top Ten) and network security principles. + Penetration testing, DAST, Manual Code Review knowledge. + **Analytical Skills:** Strong analytical and problem-solving abilities with attention to detail. + **Organizational Skills:** Manage documents and procedures for testing team. + **Multi-tasking** : This job requires exceptional ability to multi-task with multiple workstreams to manage daily. + **Communication:** Excellent verbal and written communication skills, with the ability to convey complex technical concepts to non-technical stakeholders. + **Ethical Standards:** Demonstrated understanding of ethical hacking principles and a commitment to maintaining high ethical standards. + Experience with penetration testing in AI, cloud environments (e.g., AWS, Azure) and PCI testing. + Familiarity with security standards and frameworks. + Previous experience managing and developing teams. + **Certifications:** Relevant certifications such as Offensive Security Certified Professional (OSCP), Certified Ethical Hacker (CEH), or GIAC Penetration Tester (GPEN) are highly desirable. + Provide support and consulting in preparation for Audits and in composing management responses and appropriate remediation activities + Participate in computer security incident responses relevant to business (or enterprise wide) and represent respective function and Enterprise position to the business, and business needs to incident response team \#TDCyberSecurity #Hybrid **Physical Requirements:** Never: 0%; Occasional: 1-33%; Frequent: 34-66%; Continuous: 67-100% + Domestic Travel - Occasional + International Travel - Never + Performing sedentary work - Continuous + Performing multiple tasks - Continuous + Operating standard office equipment - Continuous + Responding quickly to sounds - Occasional + Sitting - Continuous + Standing - Occasional + Walking - Occasional + Moving safely in confined spaces - Occasional + Lifting/Carrying (under 25 lbs.) - Occasional + Lifting/Carrying (over 25 lbs.) - Never + Squatting - Occasional + Bending - Occasional + Kneeling - Never + Crawling - Never + Climbing - Never + Reaching overhead - Never + Reaching forward - Occasional + Pushing - Never + Pulling - Never + Twisting - Never + Concentrating for long periods of time - Continuous + Applying common sense to deal with problems involving standardized situations - Continuous + Reading, writing and comprehending instructions - Continuous + Adding, subtracting, multiplying and dividing - Continuous The above statements are intended to describe the general nature and level of work being performed by people assigned to this job. They are not intended to be an exhaustive list of all responsibilities, duties and skills required. The listed or specified responsibilities & duties are considered essential functions for ADA purposes. **Who We Are:** TD is one of the world's leading global financial institutions and is the fifth largest bank in North America by branches/stores. Every day, we deliver legendary customer experiences to over 27 million households and businesses in Canada, the United States and around the world. More than 95,000 TD colleagues bring their skills, talent, and creativity to the Bank, those we serve, and the economies we support. We are guided by our vision to Be the Better Bank and our purpose to enrich the lives of our customers, communities and colleagues. TD is deeply committed to being a leader in customer experience, that is why we believe that all colleagues, no matter where they work, are customer facing. As we build our business and deliver on our strategy, we are innovating to enhance the customer experience and build capabilities to shape the future of banking. Whether you've got years of banking experience or are just starting your career in financial services, we can help you realize your potential. Through regular leadership and development conversations to mentorship and training programs, we're here to support you towards your goals. As an organization, we keep growing - and so will you. **Our Total Rewards Package** Our Total Rewards package reflects the investments we make in our colleagues to help them and their families achieve their financial, physical and mental well-being goals. Total Rewards at TD includes base salary and variable compensation/incentive awards (e.g., eligibility for cash and/or equity incentive awards, generally through participation in an incentive plan) and several other key plans such as health and well-being benefits, savings and retirement programs, paid time off (including Vacation PTO, Flex PTO, and Holiday PTO), banking benefits and discounts, career development, and reward and recognition. Learn more (*************************************** **Additional Information:** We're delighted that you're considering building a career with TD. Through regular development conversations, training programs, and a competitive benefits plan, we're committed to providing the support our colleagues need to thrive both at work and at home. **Colleague Development** If you're interested in a specific career path or are looking to build certain skills, we want to help you succeed. You'll have regular career, development, and performance conversations with your manager, as well as access to an online learning platform and a variety of mentoring programs to help you unlock future opportunities. Whether you have a passion for helping customers and want to expand your experience, or you want to coach and inspire your colleagues, there are many different career paths within our organization at TD - and we're committed to helping you identify opportunities that support your goals. **Training & Onboarding** We will provide training and onboarding sessions to ensure that you've got everything you need to succeed in your new role. **Interview Process** We'll reach out to candidates of interest to schedule an interview. We do our best to communicate outcomes to all applicants by email or phone call. **Accommodation** TD Bank is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, status as a protected veteran or any other characteristic protected under applicable federal, state, or local law. If you are an applicant with a disability and need accommodations to complete the application process, please email TD Bank US Workplace Accommodations Program at *************** . Include your full name, best way to reach you and the accommodation needed to assist you with the applicant process. Federal law prohibits job discrimination based on race, color, sex, sexual orientation, gender identity, national origin, religion, age, equal pay, disability and genetic information.

Hours: 40 Pay Details: $87,000 - $151,000 USD TD is committed to providing fair and equitable compensation opportunities to all colleagues. Growth opportunities and skill development are defining features of the colleague experience at TD. Our compensation policies and practices have been designed to allow colleagues to progress through the salary range over time as they progress in their role. The base pay actually offered may vary based upon the candidate's skills and experience, job-related knowledge, geographic location, and other specific business and organizational needs. As a candidate, you are encouraged to ask compensation related questions and have an open dialogue with your recruiter who can provide you more specific details for this role. Line of Business: Technology Solutions : The Manager Information Security manages / leads a team of Technology Controls / Information Security experts in the development and/ or management of relevant strategies, programs, tools, frameworks and policies and provides specialized oversight / control / governance activities for a key business line/segment or transformational (change the bank) strategic initiative / program, liaising across the organization and primarily interfacing with executive and/or functional stakeholders to minimize overall technology risks to the Bank for own area. Job Description: This position manages junior level penetration testers, vendor coordination for multiple testing services, processes, procedures and scheduling for penetration, dynamic scanning, and manual code review testing services. Responsibilities: * Vendor Management: Manage and coordinate penetration testing engagements with vendors. * People Management: Manage a team of Junior level penetration testers and their development. * DAST: Manage the DAST program and tooling. Familiarity with current industry tooling and technologies and those being introduced. * Facilitate Penetration Tests: Perform thorough and methodical penetration testing. * Evaluate and Assign: penetration tests to appropriate resources. * Vulnerability Assessment: Assess and analyze security weaknesses, and provide actionable recommendations to mitigate risks and improve overall security posture. * Report Findings: Document and communicate findings clearly and effectively to both technical and non-technical stakeholders. Prepare comprehensive reports with recommendations for remediation. * Develop Test Procedures: Design and execute detailed test requirements. * Stay Current: Keep up-to-date with the latest security trends, vulnerabilities, and tools to ensure testing methodologies are current and effective. * Collaborate with Teams: Work closely with IT and development teams to understand system architectures, provide guidance on security best practices, and support the implementation of security improvements; work closely with advisory and SDLC pipeline teams to ensure compliance; work closely with PCS team to manage PCI testing requirements. This position will collaborate with many application security teams. * Perform Risk Assessments: Evaluate and assess potential security risks related to new and existing systems and technologies. * Compliance: Ensure that penetration testing practices comply with relevant regulations, standards, and organizational policies. * Incidents: Act as a testing SME on incident calls; support testers on the calls. Depth & Scope: * Advanced knowledge of Bank, technology standards and managing people / projects * Leads a small team of IT professionals; coaches/ educates, monitors and manages team members * Strong communication, negotiation and organizational skills specifically including the ability to present options in business terms to both IT and business staff including executives Education & Experience: * Bachelor's degree preferred * Information security certification / accreditation an asset * 7+ years of relevant experience Preferred Qualifications : * Technical Skills: * Proficiency in penetration testing tools such as Metasploit, Burp Suite, Nmap, and Kali. * Knowledge of common web application vulnerabilities (e.g., OWASP Top Ten) and network security principles. * Penetration testing, DAST, Manual Code Review knowledge. * Analytical Skills: Strong analytical and problem-solving abilities with attention to detail. * Organizational Skills: Manage documents and procedures for testing team. * Multi-tasking: This job requires exceptional ability to multi-task with multiple workstreams to manage daily. * Communication: Excellent verbal and written communication skills, with the ability to convey complex technical concepts to non-technical stakeholders. * Ethical Standards: Demonstrated understanding of ethical hacking principles and a commitment to maintaining high ethical standards. * Experience with penetration testing in AI, cloud environments (e.g., AWS, Azure) and PCI testing. * Familiarity with security standards and frameworks. * Previous experience managing and developing teams. * Certifications: Relevant certifications such as Offensive Security Certified Professional (OSCP), Certified Ethical Hacker (CEH), or GIAC Penetration Tester (GPEN) are highly desirable. * Provide support and consulting in preparation for Audits and in composing management responses and appropriate remediation activities * Participate in computer security incident responses relevant to business (or enterprise wide) and represent respective function and Enterprise position to the business, and business needs to incident response team #TDCyberSecurity #Hybrid Physical Requirements: Never: 0%; Occasional: 1-33%; Frequent: 34-66%; Continuous: 67-100% * Domestic Travel - Occasional * International Travel - Never * Performing sedentary work - Continuous * Performing multiple tasks - Continuous * Operating standard office equipment - Continuous * Responding quickly to sounds - Occasional * Sitting - Continuous * Standing - Occasional * Walking - Occasional * Moving safely in confined spaces - Occasional * Lifting/Carrying (under 25 lbs.) - Occasional * Lifting/Carrying (over 25 lbs.) - Never * Squatting - Occasional * Bending - Occasional * Kneeling - Never * Crawling - Never * Climbing - Never * Reaching overhead - Never * Reaching forward - Occasional * Pushing - Never * Pulling - Never * Twisting - Never * Concentrating for long periods of time - Continuous * Applying common sense to deal with problems involving standardized situations - Continuous * Reading, writing and comprehending instructions - Continuous * Adding, subtracting, multiplying and dividing - Continuous The above statements are intended to describe the general nature and level of work being performed by people assigned to this job. They are not intended to be an exhaustive list of all responsibilities, duties and skills required. The listed or specified responsibilities & duties are considered essential functions for ADA purposes. Who We Are: TD is one of the world's leading global financial institutions and is the fifth largest bank in North America by branches/stores. Every day, we deliver legendary customer experiences to over 27 million households and businesses in Canada, the United States and around the world. More than 95,000 TD colleagues bring their skills, talent, and creativity to the Bank, those we serve, and the economies we support. We are guided by our vision to Be the Better Bank and our purpose to enrich the lives of our customers, communities and colleagues. TD is deeply committed to being a leader in customer experience, that is why we believe that all colleagues, no matter where they work, are customer facing. As we build our business and deliver on our strategy, we are innovating to enhance the customer experience and build capabilities to shape the future of banking. Whether you've got years of banking experience or are just starting your career in financial services, we can help you realize your potential. Through regular leadership and development conversations to mentorship and training programs, we're here to support you towards your goals. As an organization, we keep growing - and so will you. Our Total Rewards Package Our Total Rewards package reflects the investments we make in our colleagues to help them and their families achieve their financial, physical and mental well-being goals. Total Rewards at TD includes base salary and variable compensation/incentive awards (e.g., eligibility for cash and/or equity incentive awards, generally through participation in an incentive plan) and several other key plans such as health and well-being benefits, savings and retirement programs, paid time off (including Vacation PTO, Flex PTO, and Holiday PTO), banking benefits and discounts, career development, and reward and recognition. Learn more Additional Information: We're delighted that you're considering building a career with TD. Through regular development conversations, training programs, and a competitive benefits plan, we're committed to providing the support our colleagues need to thrive both at work and at home. Colleague Development If you're interested in a specific career path or are looking to build certain skills, we want to help you succeed. You'll have regular career, development, and performance conversations with your manager, as well as access to an online learning platform and a variety of mentoring programs to help you unlock future opportunities. Whether you have a passion for helping customers and want to expand your experience, or you want to coach and inspire your colleagues, there are many different career paths within our organization at TD - and we're committed to helping you identify opportunities that support your goals. Training & Onboarding We will provide training and onboarding sessions to ensure that you've got everything you need to succeed in your new role. Interview Process We'll reach out to candidates of interest to schedule an interview. We do our best to communicate outcomes to all applicants by email or phone call. Accommodation TD Bank is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, status as a protected veteran or any other characteristic protected under applicable federal, state, or local law. If you are an applicant with a disability and need accommodations to complete the application process, please email TD Bank US Workplace Accommodations Program at ***************. Include your full name, best way to reach you and the accommodation needed to assist you with the applicant process.

Washington, District of Columbia;Chicago, Illinois; Denver, Colorado **To proceed with your application, you must be at least 18 years of age.** Acknowledge Refer a friend **To proceed with your application, you must be at least 18 years of age.** Acknowledge (****************************************************************************************************** **Job Description:** At Bank of America, we are guided by a common purpose to help make financial lives better through the power of every connection. We do this by driving Responsible Growth and delivering for our clients, teammates, communities and shareholders every day. Being a Great Place to Work is core to how we drive Responsible Growth. This includes our commitment to being an inclusive workplace, attracting and developing exceptional talent, supporting our teammates' physical, emotional, and financial wellness, recognizing and rewarding performance, and how we make an impact in the communities we serve. Bank of America is committed to an in-office culture with specific requirements for office-based attendance and which allows for an appropriate level of flexibility for our teammates and businesses based on role-specific considerations. At Bank of America, you can build a successful career with opportunities to learn, grow, and make an impact. Join us! Bank of America is one of the world's leading financial institutions, serving over 66 million consumers and small businesses. Company success is only possible with a strong cyber defense, which enables Bank of America to safely conduct global operations across the United States and in approximately 35 countries. Our primary goal is to safeguard not only the company, but our clients and their trust. The Malware Defense Team is looking for top talent who would like to join one of the most advanced cybersecurity teams in the world. Responsibilities include, but are not limited to: - In-depth analysis of malware, including authoring analysis reports. - Tracking malware campaigns, malicious actors, and related infrastructure. - Creation of tools and scripts to assist in the analysis of malware analysis. - Field escalations of potentially malicious files and websites from teams within Malware Defense. Required Qualifications: - Strong direct experience of analyzing malware. - Intermediate to advanced malware analysis skills. - Experience creating innovative ways to track progression of malware families, infrastructure, and campaigns conducted by e-crime, and cyber espionage actors. - Experience creating tools and scripts to accelerate malware and threat analysis. - Background in network traffic analysis - WireShark, Fiddler, proxy logs, etc. - Experience analyzing malicious web content such as ClickFix, ClearFake, SocGholish, etc. - Experience authoring YARA, Suricata, and EKFiddle detection rules. - Experience with penetration testing and/or adversary emulation is a plus. - Able to work independently on tasks, but also work well within a team environment Desired Qualifications: - Experience analyzing malware targeting Linux, Android, and IOT platforms. Skills: + Cyber Security + Data Privacy and Protection + Problem Solving + Process Management + Threat Analysis + Business Acumen + Data and Trend Analysis + Interpret Relevant Laws, Rules, and Regulations + Risk Analytics + Stakeholder Management + Access and Identity Management + Data Governance + Encryption + Information Systems Management + Technology System Assessment **Shift:** 1st shift (United States of America) **Hours Per Week:** 40 Bank of America and its affiliates consider for employment and hire qualified candidates without regard to race, religious creed, religion, color, sex, sexual orientation, genetic information, gender, gender identity, gender expression, age, national origin, ancestry, citizenship, protected veteran or disability status or any factor prohibited by law, and as such affirms in policy and practice to support and promote the concept of equal employment opportunity, in accordance with all applicable federal, state, provincial and municipal laws. The company also prohibits discrimination on other bases such as medical condition, marital status or any other factor that is irrelevant to the performance of our teammates. View your **"Know your Rights (************************************************************************************** "** poster. **View the LA County Fair Chance Ordinance (************************************************************************************************** .** Bank of America aims to create a workplace free from the dangers and resulting consequences of illegal and illicit drug use and alcohol abuse. Our Drug-Free Workplace and Alcohol Policy ("Policy") establishes requirements to prevent the presence or use of illegal or illicit drugs or unauthorized alcohol on Bank of America premises and to provide a safe work environment. Bank of America is committed to an in-office culture with specific requirements for office-based attendance and which allows for an appropriate level of flexibility for our teammates and businesses based on role-specific considerations. Should you be offered a role with Bank of America, your hiring manager will provide you with information on the in-office expectations associated with your role. These expectations are subject to change at any time and at the sole discretion of the Company. To the extent you have a disability or sincerely held religious belief for which you believe you need a reasonable accommodation from this requirement, you must seek an accommodation through the Bank's required accommodation request process before your first day of work. This communication provides information about certain Bank of America benefits. Receipt of this document does not automatically entitle you to benefits offered by Bank of America. Every effort has been made to ensure the accuracy of this communication. However, if there are discrepancies between this communication and the official plan documents, the plan documents will always govern. Bank of America retains the discretion to interpret the terms or language used in any of its communications according to the provisions contained in the plan documents. Bank of America also reserves the right to amend or terminate any benefit plan in its sole discretion at any time for any reason.

At Bank of America, we are guided by a common purpose to help make financial lives better through the power of every connection. We do this by driving Responsible Growth and delivering for our clients, teammates, communities and shareholders every day. Being a Great Place to Work is core to how we drive Responsible Growth. This includes our commitment to being an inclusive workplace, attracting and developing exceptional talent, supporting our teammates' physical, emotional, and financial wellness, recognizing and rewarding performance, and how we make an impact in the communities we serve. Bank of America is committed to an in-office culture with specific requirements for office-based attendance and which allows for an appropriate level of flexibility for our teammates and businesses based on role-specific considerations. At Bank of America, you can build a successful career with opportunities to learn, grow, and make an impact. Join us! Bank of America is one of the world's leading financial institutions, serving over 66 million consumers and small businesses. Company success is only possible with a strong cyber defense, which enables Bank of America to safely conduct global operations across the United States and in approximately 35 countries. Our primary goal is to safeguard not only the company, but our clients and their trust. The Malware Defense Team is looking for top talent who would like to join one of the most advanced cybersecurity teams in the world. Responsibilities include, but are not limited to: * In-depth analysis of malware, including authoring analysis reports. * Tracking malware campaigns, malicious actors, and related infrastructure. * Creation of tools and scripts to assist in the analysis of malware analysis. * Field escalations of potentially malicious files and websites from teams within Malware Defense. Required Qualifications: * Strong direct experience of analyzing malware. * Intermediate to advanced malware analysis skills. * Experience creating innovative ways to track progression of malware families, infrastructure, and campaigns conducted by e-crime, and cyber espionage actors. * Experience creating tools and scripts to accelerate malware and threat analysis. * Background in network traffic analysis - WireShark, Fiddler, proxy logs, etc. * Experience analyzing malicious web content such as ClickFix, ClearFake, SocGholish, etc. * Experience authoring YARA, Suricata, and EKFiddle detection rules. * Experience with penetration testing and/or adversary emulation is a plus. * Able to work independently on tasks, but also work well within a team environment Desired Qualifications: * Experience analyzing malware targeting Linux, Android, and IOT platforms. Skills: * Cyber Security * Data Privacy and Protection * Problem Solving * Process Management * Threat Analysis * Business Acumen * Data and Trend Analysis * Interpret Relevant Laws, Rules, and Regulations * Risk Analytics * Stakeholder Management * Access and Identity Management * Data Governance * Encryption * Information Systems Management * Technology System Assessment Shift: 1st shift (United States of America) Hours Per Week: 40

Washington, District of Columbia;Chicago, Illinois; Denver, Colorado **To proceed with your application, you must be at least 18 years of age.** Acknowledge Refer a friend **To proceed with your application, you must be at least 18 years of age.** Acknowledge (****************************************************************************************************** **Job Description:** At Bank of America, we are guided by a common purpose to help make financial lives better through the power of every connection. We do this by driving Responsible Growth and delivering for our clients, teammates, communities and shareholders every day. Being a Great Place to Work is core to how we drive Responsible Growth. This includes our commitment to being an inclusive workplace, attracting and developing exceptional talent, supporting our teammates' physical, emotional, and financial wellness, recognizing and rewarding performance, and how we make an impact in the communities we serve. Bank of America is committed to an in-office culture with specific requirements for office-based attendance and which allows for an appropriate level of flexibility for our teammates and businesses based on role-specific considerations. At Bank of America, you can build a successful career with opportunities to learn, grow, and make an impact. Join us! Bank of America is one of the world's leading financial institutions, serving over 66 million consumers and small businesses. Company success is only possible with a strong cyber defense, which enables Bank of America to safely conduct global operations across the United States and in approximately 35 countries. Our primary goal is to safeguard not only the company, but our clients and their trust. The Malware Defense Team is looking for top talent who would like to join one of the most advanced cybersecurity teams in the world. Responsibilities include, but are not limited to: - In-depth analysis of malware, including authoring analysis reports. - Tracking malware campaigns, malicious actors, and related infrastructure. - Creation of tools and scripts to assist in the analysis of malware analysis. - Field escalations of potentially malicious files and websites from teams within Malware Defense. Required Qualifications: - Strong direct experience of analyzing malware. - Intermediate to advanced malware analysis skills. - Experience creating innovative ways to track progression of malware families, infrastructure, and campaigns conducted by e-crime, and cyber espionage actors. - Experience creating tools and scripts to accelerate malware and threat analysis. - Background in network traffic analysis - WireShark, Fiddler, proxy logs, etc. - Experience analyzing malicious web content such as ClickFix, ClearFake, SocGholish, etc. - Experience authoring YARA, Suricata, and EKFiddle detection rules. - Experience with penetration testing and/or adversary emulation is a plus. - Able to work independently on tasks, but also work well within a team environment Desired Qualifications: - Experience analyzing malware targeting Linux, Android, and IOT platforms. Skills: + Cyber Security + Data Privacy and Protection + Problem Solving + Process Management + Threat Analysis + Business Acumen + Data and Trend Analysis + Interpret Relevant Laws, Rules, and Regulations + Risk Analytics + Stakeholder Management + Access and Identity Management + Data Governance + Encryption + Information Systems Management + Technology System Assessment **Shift:** 1st shift (United States of America) **Hours Per Week:** 40 Bank of America and its affiliates consider for employment and hire qualified candidates without regard to race, religious creed, religion, color, sex, sexual orientation, genetic information, gender, gender identity, gender expression, age, national origin, ancestry, citizenship, protected veteran or disability status or any factor prohibited by law, and as such affirms in policy and practice to support and promote the concept of equal employment opportunity, in accordance with all applicable federal, state, provincial and municipal laws. The company also prohibits discrimination on other bases such as medical condition, marital status or any other factor that is irrelevant to the performance of our teammates. View your **"Know your Rights (************************************************************************************** "** poster. **View the LA County Fair Chance Ordinance (************************************************************************************************** .** Bank of America aims to create a workplace free from the dangers and resulting consequences of illegal and illicit drug use and alcohol abuse. Our Drug-Free Workplace and Alcohol Policy ("Policy") establishes requirements to prevent the presence or use of illegal or illicit drugs or unauthorized alcohol on Bank of America premises and to provide a safe work environment. Bank of America is committed to an in-office culture with specific requirements for office-based attendance and which allows for an appropriate level of flexibility for our teammates and businesses based on role-specific considerations. Should you be offered a role with Bank of America, your hiring manager will provide you with information on the in-office expectations associated with your role. These expectations are subject to change at any time and at the sole discretion of the Company. To the extent you have a disability or sincerely held religious belief for which you believe you need a reasonable accommodation from this requirement, you must seek an accommodation through the Bank's required accommodation request process before your first day of work. This communication provides information about certain Bank of America benefits. Receipt of this document does not automatically entitle you to benefits offered by Bank of America. Every effort has been made to ensure the accuracy of this communication. However, if there are discrepancies between this communication and the official plan documents, the plan documents will always govern. Bank of America retains the discretion to interpret the terms or language used in any of its communications according to the provisions contained in the plan documents. Bank of America also reserves the right to amend or terminate any benefit plan in its sole discretion at any time for any reason.

At Bank of America, we are guided by a common purpose to help make financial lives better through the power of every connection. We do this by driving Responsible Growth and delivering for our clients, teammates, communities and shareholders every day. Being a Great Place to Work is core to how we drive Responsible Growth. This includes our commitment to being an inclusive workplace, attracting and developing exceptional talent, supporting our teammates' physical, emotional, and financial wellness, recognizing and rewarding performance, and how we make an impact in the communities we serve. Bank of America is committed to an in-office culture with specific requirements for office-based attendance and which allows for an appropriate level of flexibility for our teammates and businesses based on role-specific considerations. At Bank of America, you can build a successful career with opportunities to learn, grow, and make an impact. Join us! Bank of America is one of the world's leading financial institutions, serving over 66 million consumers and small businesses. Company success is only possible with a strong cyber defense, which enables Bank of America to safely conduct global operations across the United States and in approximately 35 countries. Our primary goal is to safeguard not only the company, but our clients and their trust. The Malware Defense Team is looking for top talent who would like to join one of the most advanced cybersecurity teams in the world. Responsibilities include, but are not limited to: * In-depth analysis of malware, including authoring analysis reports. * Tracking malware campaigns, malicious actors, and related infrastructure. * Creation of tools and scripts to assist in the analysis of malware analysis. * Field escalations of potentially malicious files and websites from teams within Malware Defense. Required Qualifications: * Strong direct experience of analyzing malware. * Intermediate to advanced malware analysis skills. * Experience creating innovative ways to track progression of malware families, infrastructure, and campaigns conducted by e-crime, and cyber espionage actors. * Experience creating tools and scripts to accelerate malware and threat analysis. * Background in network traffic analysis - WireShark, Fiddler, proxy logs, etc. * Experience analyzing malicious web content such as ClickFix, ClearFake, SocGholish, etc. * Experience authoring YARA, Suricata, and EKFiddle detection rules. * Experience with penetration testing and/or adversary emulation is a plus. * Able to work independently on tasks, but also work well within a team environment Desired Qualifications: * Experience analyzing malware targeting Linux, Android, and IOT platforms. Skills: * Cyber Security * Data Privacy and Protection * Problem Solving * Process Management * Threat Analysis * Business Acumen * Data and Trend Analysis * Interpret Relevant Laws, Rules, and Regulations * Risk Analytics * Stakeholder Management * Access and Identity Management * Data Governance * Encryption * Information Systems Management * Technology System Assessment Shift: 1st shift (United States of America) Hours Per Week: 40

Toronto, Ontario, Canada **Hours:** 37.5 **Line of Business:** Technology Solutions **Pay Details:** 91,200 - 136,800 CAD TD is committed to providing fair and equitable compensation opportunities to all colleagues. Growth opportunities and skill development are defining features of the colleague experience at TD. Our compensation policies and practices have been designed to allow colleagues to progress through the salary range over time as they progress in their role. The base pay actually offered may vary based upon the candidate's skills and experience, job-related knowledge, geographic location, and other specific business and organizational needs. As a candidate, you are encouraged to ask compensation related questions and have an open dialogue with your recruiter who can provide you more specific details for this role. **Job Description:** TD Bank is seeking a strategic and technically skilled Manager to join our Information Security team, focused on strengthening our fraud detection, authentication, and CIAM (Customer Identity and Access Management) capabilities. This role will lead the expansion of our monitoring and alerting footprint across enterprise platforms, ensuring control effectiveness, regulatory alignment, and rapid incident response in a complex financial environment. Key Responsibilities - Lead the design and deployment of monitoring and alerting strategies using Splunk, Datadog, Dynatrace, and Databricks across TD's digital ecosystem - Define alert thresholds and tuning logic to minimize false positives while maintaining high sensitivity to fraud and access anomalies - Oversee triage workflows for triggered alerts, coordinating with global teams to ensure timely investigation and resolution - Develop governance frameworks for alert lifecycle management, including setup, ownership, escalation, and audit readiness - Monitor control effectiveness across CIAM, authentication, and fraud domains, driving continuous improvement - Collaborate with fraud and cybersecurity teams to support incident investigations and mitigation strategies - Analyze alert trends and performance metrics to inform strategic improvements and risk prioritization - Champion automation and workflow optimization for alert handling, reporting, and compliance documentation - Ensure alignment with TD's enterprise risk management and regulatory obligations (e.g., OSFI, OCC) - Provide mentorship and leadership within the security monitoring team, fostering a culture of accountability and innovation Required Qualifications & Expertise - 5+ years of experience in information security, CIAM/fraud detection, or observability engineering within financial services - Hands-on expertise with Splunk, Datadog, Dynatrace, and Databricks for alert creation, analytics, and dashboarding - Strong understanding of CIAM, authentication protocols, and fraud risk indicators in regulated environments - Experience designing governance frameworks and control monitoring programs aligned with financial compliance standards - Proven ability to lead cross-functional teams and drive incident response processes across geographies - Excellent communication and documentation skills, with a strategic mindset and attention to regulatory detail **Who We Are:** TD is one of the world's leading global financial institutions and is the fifth largest bank in North America by branches/stores. Every day, we deliver legendary customer experiences to over 27 million households and businesses in Canada, the United States and around the world. More than 95,000 TD colleagues bring their skills, talent, and creativity to the Bank, those we serve, and the economies we support. We are guided by our vision to Be the Better Bank and our purpose to enrich the lives of our customers, communities and colleagues. TD is deeply committed to being a leader in customer experience, that is why we believe that all colleagues, no matter where they work, are customer facing. As we build our business and deliver on our strategy, we are innovating to enhance the customer experience and build capabilities to shape the future of banking. Whether you've got years of banking experience or are just starting your career in financial services, we can help you realize your potential. Through regular leadership and development conversations to mentorship and training programs, we're here to support you towards your goals. As an organization, we keep growing - and so will you. **Our Total Rewards Package** Our Total Rewards package reflects the investments we make in our colleagues to help them and their families achieve their financial, physical, and mental well-being goals. Total Rewards at TD includes a base salary, variable compensation, and several other key plans such as health and well-being benefits, savings and retirement programs, paid time off, banking benefits and discounts, career development, and reward and recognition programs. Learn more (********************************************************************** **Additional Information:** We're delighted that you're considering building a career with TD. Through regular development conversations, training programs, and a competitive benefits plan, we're committed to providing the support our colleagues need to thrive both at work and at home. Please be advised that this job opportunity is subject to provincial regulation for employment purposes. It is imperative to acknowledge that each province or territory within the jurisdiction of Canada may have its own set of regulations, requirements. **Colleague Development** If you're interested in a specific career path or are looking to build certain skills, we want to help you succeed. You'll have regular career, development, and performance conversations with your manager, as well as access to an online learning platform and a variety of mentoring programs to help you unlock future opportunities. Whether you have a passion for helping customers and want to expand your experience, or you want to coach and inspire your colleagues, there are many different career paths within our organization at TD - and we're committed to helping you identify opportunities that support your goals. **Training & Onboarding** We will provide training and onboarding sessions to ensure that you've got everything you need to succeed in your new role. **Interview Process** We'll reach out to candidates of interest to schedule an interview. We do our best to communicate outcomes to all applicants by email or phone call. **Accommodation** Your accessibility is important to us. Please let us know if you'd like accommodations (including accessible meeting rooms, captioning for virtual interviews, etc.) to help us remove barriers so that you can participate throughout the interview process. We look forward to hearing from you! **Language Requirement (Quebec only):** Sans Objet Federal law prohibits job discrimination based on race, color, sex, sexual orientation, gender identity, national origin, religion, age, equal pay, disability and genetic information.

Hours: 37.5 Line of Business: Technology Solutions Pay Details: 91,200 - 136,800 CAD TD is committed to providing fair and equitable compensation opportunities to all colleagues. Growth opportunities and skill development are defining features of the colleague experience at TD. Our compensation policies and practices have been designed to allow colleagues to progress through the salary range over time as they progress in their role. The base pay actually offered may vary based upon the candidate's skills and experience, job-related knowledge, geographic location, and other specific business and organizational needs. As a candidate, you are encouraged to ask compensation related questions and have an open dialogue with your recruiter who can provide you more specific details for this role. Job Description: TD Bank is seeking a strategic and technically skilled Manager to join our Information Security team, focused on strengthening our fraud detection, authentication, and CIAM (Customer Identity and Access Management) capabilities. This role will lead the expansion of our monitoring and alerting footprint across enterprise platforms, ensuring control effectiveness, regulatory alignment, and rapid incident response in a complex financial environment. Key Responsibilities * Lead the design and deployment of monitoring and alerting strategies using Splunk, Datadog, Dynatrace, and Databricks across TD's digital ecosystem * Define alert thresholds and tuning logic to minimize false positives while maintaining high sensitivity to fraud and access anomalies * Oversee triage workflows for triggered alerts, coordinating with global teams to ensure timely investigation and resolution * Develop governance frameworks for alert lifecycle management, including setup, ownership, escalation, and audit readiness * Monitor control effectiveness across CIAM, authentication, and fraud domains, driving continuous improvement * Collaborate with fraud and cybersecurity teams to support incident investigations and mitigation strategies * Analyze alert trends and performance metrics to inform strategic improvements and risk prioritization * Champion automation and workflow optimization for alert handling, reporting, and compliance documentation * Ensure alignment with TD's enterprise risk management and regulatory obligations (e.g., OSFI, OCC) * Provide mentorship and leadership within the security monitoring team, fostering a culture of accountability and innovation Required Qualifications & Expertise * 5+ years of experience in information security, CIAM/fraud detection, or observability engineering within financial services * Hands-on expertise with Splunk, Datadog, Dynatrace, and Databricks for alert creation, analytics, and dashboarding * Strong understanding of CIAM, authentication protocols, and fraud risk indicators in regulated environments * Experience designing governance frameworks and control monitoring programs aligned with financial compliance standards * Proven ability to lead cross-functional teams and drive incident response processes across geographies * Excellent communication and documentation skills, with a strategic mindset and attention to regulatory detail Who We Are: TD is one of the world's leading global financial institutions and is the fifth largest bank in North America by branches/stores. Every day, we deliver legendary customer experiences to over 27 million households and businesses in Canada, the United States and around the world. More than 95,000 TD colleagues bring their skills, talent, and creativity to the Bank, those we serve, and the economies we support. We are guided by our vision to Be the Better Bank and our purpose to enrich the lives of our customers, communities and colleagues. TD is deeply committed to being a leader in customer experience, that is why we believe that all colleagues, no matter where they work, are customer facing. As we build our business and deliver on our strategy, we are innovating to enhance the customer experience and build capabilities to shape the future of banking. Whether you've got years of banking experience or are just starting your career in financial services, we can help you realize your potential. Through regular leadership and development conversations to mentorship and training programs, we're here to support you towards your goals. As an organization, we keep growing - and so will you. Our Total Rewards Package Our Total Rewards package reflects the investments we make in our colleagues to help them and their families achieve their financial, physical, and mental well-being goals. Total Rewards at TD includes a base salary, variable compensation, and several other key plans such as health and well-being benefits, savings and retirement programs, paid time off, banking benefits and discounts, career development, and reward and recognition programs. Learn more Additional Information: We're delighted that you're considering building a career with TD. Through regular development conversations, training programs, and a competitive benefits plan, we're committed to providing the support our colleagues need to thrive both at work and at home. Please be advised that this job opportunity is subject to provincial regulation for employment purposes. It is imperative to acknowledge that each province or territory within the jurisdiction of Canada may have its own set of regulations, requirements. Colleague Development If you're interested in a specific career path or are looking to build certain skills, we want to help you succeed. You'll have regular career, development, and performance conversations with your manager, as well as access to an online learning platform and a variety of mentoring programs to help you unlock future opportunities. Whether you have a passion for helping customers and want to expand your experience, or you want to coach and inspire your colleagues, there are many different career paths within our organization at TD - and we're committed to helping you identify opportunities that support your goals. Training & Onboarding We will provide training and onboarding sessions to ensure that you've got everything you need to succeed in your new role. Interview Process We'll reach out to candidates of interest to schedule an interview. We do our best to communicate outcomes to all applicants by email or phone call. Accommodation Your accessibility is important to us. Please let us know if you'd like accommodations (including accessible meeting rooms, captioning for virtual interviews, etc.) to help us remove barriers so that you can participate throughout the interview process. We look forward to hearing from you! Language Requirement (Quebec only): Sans Objet

Washington, District of Columbia;Chicago, Illinois; Denver, Colorado **To proceed with your application, you must be at least 18 years of age.** Acknowledge Refer a friend **To proceed with your application, you must be at least 18 years of age.** Acknowledge (****************************************************************************************************** **Job Description:** At Bank of America, we are guided by a common purpose to help make financial lives better through the power of every connection. We do this by driving Responsible Growth and delivering for our clients, teammates, communities and shareholders every day. Being a Great Place to Work is core to how we drive Responsible Growth. This includes our commitment to being an inclusive workplace, attracting and developing exceptional talent, supporting our teammates' physical, emotional, and financial wellness, recognizing and rewarding performance, and how we make an impact in the communities we serve. Bank of America is committed to an in-office culture with specific requirements for office-based attendance and which allows for an appropriate level of flexibility for our teammates and businesses based on role-specific considerations. At Bank of America, you can build a successful career with opportunities to learn, grow, and make an impact. Join us! Bank of America is one of the world's leading financial institutions, serving over 66 million consumers and small businesses. Company success is only possible with a strong cyber defense, which enables Bank of America to safely conduct global operations across the United States and in approximately 35 countries. Our primary goal is to safeguard not only the company, but our clients and their trust. The Malware Defense Team is looking for top talent who would like to join one of the most advanced cybersecurity teams in the world. Responsibilities include, but are not limited to: - In-depth analysis of malware, including authoring analysis reports. - Tracking malware campaigns, malicious actors, and related infrastructure. - Creation of tools and scripts to assist in the analysis of malware analysis. - Field escalations of potentially malicious files and websites from teams within Malware Defense. Required Qualifications: - Strong direct experience of analyzing malware. - Intermediate to advanced malware analysis skills. - Experience creating innovative ways to track progression of malware families, infrastructure, and campaigns conducted by e-crime, and cyber espionage actors. - Experience creating tools and scripts to accelerate malware and threat analysis. - Background in network traffic analysis - WireShark, Fiddler, proxy logs, etc. - Experience analyzing malicious web content such as ClickFix, ClearFake, SocGholish, etc. - Experience authoring YARA, Suricata, and EKFiddle detection rules. - Experience with penetration testing and/or adversary emulation is a plus. - Able to work independently on tasks, but also work well within a team environment Desired Qualifications: - Experience analyzing malware targeting Linux, Android, and IOT platforms. Skills: + Cyber Security + Data Privacy and Protection + Problem Solving + Process Management + Threat Analysis + Business Acumen + Data and Trend Analysis + Interpret Relevant Laws, Rules, and Regulations + Risk Analytics + Stakeholder Management + Access and Identity Management + Data Governance + Encryption + Information Systems Management + Technology System Assessment **Shift:** 1st shift (United States of America) **Hours Per Week:** 40 Bank of America and its affiliates consider for employment and hire qualified candidates without regard to race, religious creed, religion, color, sex, sexual orientation, genetic information, gender, gender identity, gender expression, age, national origin, ancestry, citizenship, protected veteran or disability status or any factor prohibited by law, and as such affirms in policy and practice to support and promote the concept of equal employment opportunity, in accordance with all applicable federal, state, provincial and municipal laws. The company also prohibits discrimination on other bases such as medical condition, marital status or any other factor that is irrelevant to the performance of our teammates. View your **"Know your Rights (************************************************************************************** "** poster. **View the LA County Fair Chance Ordinance (************************************************************************************************** .** Bank of America aims to create a workplace free from the dangers and resulting consequences of illegal and illicit drug use and alcohol abuse. Our Drug-Free Workplace and Alcohol Policy ("Policy") establishes requirements to prevent the presence or use of illegal or illicit drugs or unauthorized alcohol on Bank of America premises and to provide a safe work environment. Bank of America is committed to an in-office culture with specific requirements for office-based attendance and which allows for an appropriate level of flexibility for our teammates and businesses based on role-specific considerations. Should you be offered a role with Bank of America, your hiring manager will provide you with information on the in-office expectations associated with your role. These expectations are subject to change at any time and at the sole discretion of the Company. To the extent you have a disability or sincerely held religious belief for which you believe you need a reasonable accommodation from this requirement, you must seek an accommodation through the Bank's required accommodation request process before your first day of work. This communication provides information about certain Bank of America benefits. Receipt of this document does not automatically entitle you to benefits offered by Bank of America. Every effort has been made to ensure the accuracy of this communication. However, if there are discrepancies between this communication and the official plan documents, the plan documents will always govern. Bank of America retains the discretion to interpret the terms or language used in any of its communications according to the provisions contained in the plan documents. Bank of America also reserves the right to amend or terminate any benefit plan in its sole discretion at any time for any reason.