Business Information Security Officer, AI (US)

About The Position

Requirements

• Bachelor's degree preferred
• Information security certification / accreditation an asset
• 10+ years of relevant experience

Nice To Haves

• AI-Specific Skills & Industry Best Practices
• Deep understanding of AI risk management frameworks (e.g., NIST AI Risk Management Framework, ISO/IEC 23894, ISO42001, OWASP, MITRE).
• Familiarity with financial services industry regulations and standards (e.g., FFIEC, GLBA, GDPR, PCI DSS, NYDFS Cybersecurity Regulation).
• Experience implementing AI governance and ethical guidelines in financial institutions.
• Ability to assess and mitigate risks associated with AI models, including bias, explainability, and robustness.
• Knowledge of secure AI development lifecycle and best practices for model validation and monitoring.
• Expertise integrating AI security controls into enterprise architecture and technology platforms.
• Awareness of emerging AI threats, adversarial attacks, and evolving regulatory requirements.
• Ability to communicate complex AI risk concepts to executive stakeholders and non-technical audiences.
• Experience with incident response and remediation for AI-related security events.
• Commitment to continuous learning and staying current with industry trends, frameworks, and best practices in AI and financial services.

Responsibilities

• Provides technology risk advice and consultation to business partners
• Enables effective risk management within their risk appetite and supporting business objectives
• Facilitates communication and execution of enterprise-wide information security programs
• Delivers awareness training
• Conducts risk assessments on business applications, third parties, and infrastructure
• Validates that security and technology controls are implemented to support business requirements
• Oversees control and governance activities
• Identifies and assesses potential security risks and exposures that impact complex or high-risk businesses and strategic initiatives
• Leads development and/or implementation of significant or Bank-wide Technology Controls / Information Security strategies, policies, programs, tools
• Provides expert advice and guidance on technical solutions
• Oversees control and governance activities
• Identifies and assesses potential security risks, breaches/ exposures impacting highly complex / high risk businesses or transformational (change the bank) strategic initiatives primarily interfacing with executive and/or functional stakeholders across the Bank
• Works autonomously on high profile, complex and/or high risk technology projects with significant impact to the organization
• Provides technical leadership / consulting / direction to a larger team / portfolio on all aspects of technology controls / information security
• Foresees issues / gaps and identifies emerging industry trends (i.e. future focused)
• Provides recommendations on value-added improvements / enhancements
• Top technical expert individual contributor with expert knowledge of IT security and risk disciplines and practices
• Advanced and highly specialized knowledge of organization, technology controls / security/ risk issues
• Provides recommendations on value-added improvements / enhancements

Benefits

• Total Rewards at TD includes base salary and variable compensation/incentive awards (e.g., eligibility for cash and/or equity incentive awards, generally through participation in an incentive plan) and several other key plans such as health and well-being benefits, savings and retirement programs, paid time off (including Vacation PTO, Flex PTO, and Holiday PTO), banking benefits and discounts, career development, and reward and recognition.