Information Security Specialist - Cloud Security Architect; Containers & Kubernetes

Information Security Specialist – Cloud Security Architect (Containers & Kubernetes)

1 day ago – be among the first 25 applicants.

Work Location: Toronto, Ontario, Canada

Hours: 37.5 per week

Line Of Business: Technology Solutions

Salary: $91,200 – $136,800 CAD (variable and other rewards included).

TD is committed to fair compensation and growth opportunities. Compensation details may vary by candidate skill, experience, and business needs.

We build a world‑class technology team. This role focuses on designing, implementing, and governing secure container platforms and Kubernetes environments across public cloud and hybrid deployments. You will lead the development and maintenance of Security Technical Implementation Guides (STIGs) and collaborate with business partners to ensure secure technology delivery.

• Develop and maintain Kubernetes and container security STIGs for clusters, runtimes, image registries, Helm charts, and ingress controllers.
• Map STIGs to frameworks such as CIS Kubernetes Benchmarks, CIS Docker Benchmarks, NIST 800-53, and Zero Trust Architecture.
• Ensure continuous updates aligned with new Kubernetes releases and emerging container threats.
• Architect secure Kubernetes and container‑based solutions across AWS, Azure, GCP and hybrid/on‑prem environments.
• Define secure configurations for Kubernetes components (API server, etcd, controller manager, scheduler, kubelet).
• Establish zero‑trust and least‑privilege principles for workloads, service accounts, and cluster access.
• Design secure deployment patterns for microservices, service mesh, and container networking.
• Oversee integration of container security controls into CI/CD pipelines.
• Support automated policy enforcement using Infrastructure as Code.
• Support continuous compliance scanning for misconfigurations, vulnerabilities, and drift.
• Define cluster governance: namespace strategy, admission controls, RBAC, network policies, and logging standards.
• Maintain end‑to‑end security posture across containerized workloads.
• Mentor team members in secure container deployment practices and guide technical leadership on platform evolution and best practices.

• University degree in Computer Science, Cybersecurity, or related field (or equivalent experience).
• Information Security and Kubernetes certification.
• 7+ years in information security with 3+ years in Kubernetes or container platform security.
• Proven experience developing and maintaining STIGs or equivalent security baselines.
• Deep expertise in public cloud Kubernetes‑as‑a‑Service products.
• Strong understanding of Kubernetes RBAC, Pod Security, Network Policies, Ingress security, and Secrets management.
• Hands‑on experience with IaC tooling.
• Familiarity with container security scanning tools.
• Experience with CI/CD integration and Dev Sec Ops  governance.

• Inspire a positive work environment and champion quality, innovation, teamwork, and service to the business.
• Learn voraciously and stretch your thinking.

Our Total Rewards package includes base salary, variable compensation, health & wellness benefits, retirement plans, paid time off, banking benefits, career development, and recognition programs.

Sans Objet

We’ll reach out to candidates of interest to schedule an interview. We communicate outcomes by email or phone. Accessibility accommodations are available.

We look forward to hearing from you!