Leadership Solutions

Manager of Security Risk Management


TD Ameritrade


Jersey City, NJ


The TDA Security Risk Management (SRM) Group, under the leadership of the Chief Information Security Officer (CISO), is tasked with protecting information assets in support of TD Ameritrade business objectives and in conformity with TD Ameritrade policies. The Vulnerability and Threat Management (VTM) Team is a core function of SRM and is tasked with continually improving the security posture of TD Ameritrade through the analysis of vulnerability and threat data, responding appropriately to the results of such analysis, providing security-related guidance, developing security policies, and evangelizing security matters throughout the company. The Manager, Security Risk Manager will manage a program to identify, classify, remediate, and mitigate security risks and vulnerabilities throughout the company. Primary responsibilities include management of a risk assessment program, development and review of assessment reports and statistics, and briefing of risk findings to company stakeholders.

  • Continually develop and improve security risk assessment methodology
  • Conduct security risk assessments of business processes, technology designs, security controls, technology architectures and product designs
  • Develop risk registers, security questionnaires and surveys to aid in the effective execution of risk assessments
  • Coordinate definition, production and continual improvement of security metrics across technology, security and business units
  • Partner with Security Risk Management peers to analyze and collect risk data and metrics from existing vulnerability, vendor management, project, threat management, and application-related processes

Please see complete job description online.


  • 4-year college degree
  • 5-10 years total experience
  • Bachelor’s degree in a related field and/or a minimum of 7 years of related experience
  • 5+ years of experience in performing risk assessments
  • Experience managing a team
  • An understanding of regulatory requirements: PCI, SOX, HIPAA, ISO 27002 standard
  • Information Security and control certifications preferred (CISSP, CISA, CRISC, etc.)
  • Military education or experience may be considered in lieu of civilian requirements listed

How to Apply:

Apply online