**Work Location:** Toronto, Ontario, Canada **Hours:** 37.5 **Line of Business:** Technology Solutions **Pay Details:** $115,200 - $163,200 CAD This role is temporarily eligible for a pay premium above the posted salary range that is reassessed annually. You are encouraged to have an open dialogue with your recruiter who can provide more specific pay details for this role. TD is committed to providing fair and equitable compensation opportunities to all colleagues. Growth opportunities and skill development are defining features of the colleague experience at TD. Our compensation policies and practices have been designed to allow colleagues to progress through the salary range over time as they progress in their role. The base pay actually offered may vary based upon the candidate's skills and experience, job-related knowledge, geographic location, and other specific business and organizational needs. As a candidate, you are encouraged to ask compensation related questions and have an open dialogue with your recruiter who can provide you more specific details for this role. **Job Description:** **Security Architect – AI Threat Modeler** **Overview** We are seeking an experienced Cybersecurity Architect to work as an AI Threat Modeler as part of our Cybersecurity Architecture team. In this role, you will be responsible for identifying, analyzing, and mitigating security threats specific to artificial intelligence (AI) and machine learning (ML) systems. You will collaborate with engineering, data science, and security teams to ensure that AI-driven solutions are robust, resilient, and compliant with industry standards and regulations. You will also occasionally be asked to contribute to security system design, architecture frameworks, and technology strategy, with a focus on emerging AI technologies **Key Responsibilities** + Analyze the design and architecture of AI solutions (chatbots, agents, agentic systems, etc.) to identify security vulnerabilities, threats, and attack vectors + Develop and maintain threat models for AI/ML systems, considering adversarial machine learning, data poisoning, model inversion, prompt injection, privacy risks, misuse scenarios, and other AI-specific threats. + Assess AI system components (including data pipelines, model training, inference, APIs, deployment environments, etc.) for susceptibility to attacks and compliance with security standards. + Create detailed threat reports outlining identified risks, recommended mitigations, and business impact. + Collaborate with business units, product owners, and engineering teams to prioritize and implement security controls and mitigations for the vulnerabilities and risks found. + Stay current with emerging threats, vulnerabilities, and best practices in AI/ML security. + Provide training and guidance to technical teams on secure AI/ML development and deployment practices. + Contribute to the development of AI security architecture frameworks, policies, and standards. **Skills & Experience** + Bachelor’s/Master’s degree (or similar) in Computer Science, Cybersecurity, Data Science, or a related field. + 5+ years of experience in Cybersecurity Architecture, Threat Modeling, or AI/ML engineering. + Strong understanding of AI/ML concepts, architectures, and common frameworks (e.g., TensorFlow, PyTorch, Scikit-learn). + Applied knowledge of threat modeling and threat modeling techniques (e.g., STRIDE, DREAD, PASTA) and security risk assessment. + The ability to extract/clarify/understand business requirements and solution designs from project teams, to identify threats and risks and to translate potential risks into security requirements which the project teams must implement + Familiarity with AI/ML-specific threats such as adversarial examples, model extraction, and data poisoning. + Excellent analytical, communication, and documentation skills. Ability to communicate complex AI security risks to technical and non-technical stakeholders is a must. + Ability to work collaboratively in cross-functional teams. **Preferred Skills** + Experience with cloud-based AI/ML platforms (e.g., AWS SageMaker, Azure ML, Google AI Platform). + Knowledge of regulatory requirements and standards related to AI/ML (e.g., NIST AI RMF, ISO/IEC 27001). + Security certifications (e.g., CISSP, CCSP, OSCP) or AI/ML certifications are a plus. + Experience with threat modeling tools and knowledge of MITRE frameworks (ATLAS, CAPEC, ATT&CK, D3FEND) **Architecte de la sécurité – modélisateur/modélisatrice, Menaces liées à l’IA** **Aperçu** Nous sommes à la recherche d’une personne chevronnée en architecture de la cybersécurité pour travailler comme modélisateur/modélisatrice, Menaces liées à l’IA. Dans le cadre de vos fonctions, il vous incombera de repérer, d’analyser et d’atténuer les menaces à la sécurité propres aux systèmes d’intelligence artificielle (IA) et d’apprentissage automatique. Vous collaborerez avec les équipes Ingénierie, Science des données et Sécurité afin de vous assurer que les solutions axées sur l’IA sont robustes, résilientes et conformes aux normes et à la réglementation du secteur. Vous devrez aussi contribuer à l’occasion à la conception des systèmes de sécurité, aux cadres d’architecture et à la stratégie technologique, en mettant l’accent sur les technologies d’IA émergentes. **Principales responsabilités** + Analyser la conception et l’architecture des solutions d’IA (robots conversationnels, agents, systèmes autonomes, etc.) afin de repérer les vulnérabilités, les menaces et les vecteurs d’attaque + Mettre au point et tenir à jour des modèles de menaces pour les systèmes d’IA/d’apprentissage automatique, en tenant compte de l’apprentissage automatique antagoniste, de l’empoisonnement de données, de l’inversion de modèle, de l’infiltration de requête, des risques liés à la protection des renseignements personnels, des scénarios de mauvais usage et d’autres menaces liées à l’IA + Évaluer les composants des systèmes d’IA (y compris les pipelines de données, l’entraînement des modèles, l’inférence, les interfaces de programmation d’applications et les environnements de déploiement) afin de déterminer leur niveau de vulnérabilité aux attaques et leur conformité aux normes de sécurité + Produire des rapports détaillés sur les menaces résumant les risques repérés, les mesures d’atténuation recommandées et leurs répercussions sur les affaires + Collaborer avec les unités fonctionnelles, les propriétaires de produit et les équipes d’ingénierie afin de prioriser et de mettre en œuvre des contrôles de sécurité et des mesures d’atténuation pour les vulnérabilités et les risques repérés + Se tenir au fait des nouvelles menaces, vulnérabilités et pratiques gagnantes en matière de sécurité de l’IA/de l’apprentissage automatique + Fournir de la formation et des conseils aux équipes techniques sur les pratiques de conception et de mise en œuvre sécurisées de l’IA/de l’apprentissage automatique + Contribuer au développement de cadres, de politiques et de normes d’architecture de sécurité de l’IA **Compétences et expérience** + Baccalauréat/maîtrise (ou diplôme similaire) en informatique, en cybersécurité, en science des données ou dans un domaine connexe. + Au moins cinq années d’expérience en architecture de la cybersécurité, en modélisation des menaces ou en ingénierie de l’IA/de l’apprentissage automatique. + Solide compréhension des concepts, des architectures et des cadres courants en matière d’IA/d’apprentissage automatique (p. ex. TensorFlow, PyTorch et Scikit-learn). + Connaissances pratiques en matière de modélisation des menaces et de techniques de modélisation des menaces (p. ex. STRIDE, DREAD et PASTA) et d’évaluation des risques liés à la sécurité. + Capacité à extraire/clarifier/comprendre les exigences et la conception des solutions des équipes de projet, à repérer les menaces et les risques et à traduire les risques potentiels en exigences de sécurité que les équipes de projet doivent mettre en œuvre. + Connaissance des menaces liées à l’IA/à l’apprentissage automatique comme les exemples contradictoires, l’extraction de modèles et l’empoisonnement de données. + Excellentes compétences analytiques et capacités de communication et de documentation. Capacité à communiquer les risques de sécurité complexes liés à l’IA aux parties prenantes techniques et non techniques, un atout essentiel. + Capacité à travailler en collaboration au sein d’équipes interfonctionnelles. **Compétences privilégiées** + Expérience avec les plateformes infonuagiques d’IA/d’apprentissage automatique (p. ex. AWS SageMaker, Azure ML et la plateforme d’IA de Google) + Connaissance des exigences et des normes réglementaires liées à l’IA/à l’apprentissage automatique (p. ex. NIST AI RMF et ISO/IEC 27001) + Certifications de sécurité (p. ex. CISSP, CCSP et OSCP) ou d’IA/d’apprentissage automatique, un atout + Expérience avec les outils de modélisation des menaces et connaissance des cadres MITRE (ATLAS, CAPEC, ATT&CK et D3FEND) **Who We Are:** TD is one of the world's leading global financial institutions and is the fifth largest bank in North America by branches/stores. Every day, we deliver legendary customer experiences to over 27 million households and businesses in Canada, the United States and around the world. More than 95,000 TD colleagues bring their skills, talent, and creativity to the Bank, those we serve, and the economies we support. We are guided by our vision to Be the Better Bank and our purpose to enrich the lives of our customers, communities and colleagues. TD is deeply committed to being a leader in customer experience, that is why we believe that all colleagues, no matter where they work, are customer facing. As we build our business and deliver on our strategy, we are innovating to enhance the customer experience and build capabilities to shape the future of banking. Whether you’ve got years of banking experience or are just starting your career in financial services, we can help you realize your potential. Through regular leadership and development conversations to mentorship and training programs, we’re here to support you towards your goals. As an organization, we keep growing – and so will you. **Our Total Rewards Package** Our Total Rewards package reflects the investments we make in our colleagues to help them and their families achieve their financial, physical, and mental well-being goals. Total Rewards at TD includes a base salary, variable compensation, and several other key plans such as health and well-being benefits, savings and retirement programs, paid time off, banking benefits and discounts, career development, and reward and recognition programs. Learn more (http://www.td.com/ca/en/about-td/who-we-are/benefits-of-working-at-td) **Additional Information:** We’re delighted that you’re considering building a career with TD. Through regular development conversations, training programs, and a competitive benefits plan, we’re committed to providing the support our colleagues need to thrive both at work and at home. Please be advised that this job opportunity is subject to provincial regulation for employment purposes. It is imperative to acknowledge that each province or territory within the jurisdiction of Canada may have its own set of regulations, requirements. **Colleague Development** If you’re interested in a specific career path or are looking to build certain skills, we want to help you succeed. You’ll have regular career, development, and performance conversations with your manager, as well as access to an online learning platform and a variety of mentoring programs to help you unlock future opportunities. Whether you have a passion for helping customers and want to expand your experience, or you want to coach and inspire your colleagues, there are many different career paths within our organization at TD – and we’re committed to helping you identify opportunities that support your goals. **Training & Onboarding** We will provide training and onboarding sessions to ensure that you’ve got everything you need to succeed in your new role. **Interview Process** We’ll reach out to candidates of interest to schedule an interview. We do our best to communicate outcomes to all applicants by email or phone call. **Accommodation** Your accessibility is important to us. Please let us know if you’d like accommodations (including accessible meeting rooms, captioning for virtual interviews, etc.) to help us remove barriers so that you can participate throughout the interview process. We look forward to hearing from you! **Language Requirement (Quebec only):** Sans Objet Federal law prohibits job discrimination based on race, color, sex, sexual orientation, gender identity, national origin, religion, age, equal pay, disability and genetic information.