Job Specifications
Overview
Who we are
Collaborative. Respectful. A place to dream and do. These are just a few words that describe what life is like at Toyota. As one of the world’s most admired brands, Toyota is growing and leading the future of mobility through innovative, high-quality solutions designed to enhance lives and delight those we serve. We’re looking for talented team members who want to Dream. Do. Grow. with us.
An important part of the Toyota family is Toyota Financial Services (TFS), the finance and insurance brand for Toyota and Lexus in North America. While TFS is a separate business entity, it is an essential part of this world-changing company- delivering on Toyota's vision to move people beyond what's possible. At TFS, you will help create best-in-class customer experience in an innovative, collaborative environment.
To save time applying, Toyota does not offer sponsorship of job applicants for employment-based visas or any other work authorization for this position at this time.
Who We’re Looking For
Toyota Financial Services (TFS) Technology team is looking for a highly motivated person to fill a role as a Threat and Exposure Management Lead, experienced in the integration, automation and continuous improvement of Threat Exposure Management systems and processes. Candidate would leverage their expertise in the areas of vulnerability management, secure configuration management, risk prioritization, web application scanning, Cloud and API security to help improve and continuously evolve the program.
This person will be a self-directing, organized, and effective communicator (verbal and written) who can transfer industry, business, and stakeholder requirements into scalable, cost efficient, and performance driven solutions.
This role requires strong technical expertise in cybersecurity, excellent leadership skills, and the ability to collaborate effectively with cross-functional teams.
What You’ll Be Doing
Lead vulnerability management processes including scanning, assessment, and remediation tracking.
Prioritize risks based on business impact and threat intelligence to guide remediation efforts.
Collaborate with IT and business units to ensure timely resolution of identified vulnerabilities.
Establish and maintain security governance frameworks and reporting mechanisms.
Lead the development of metrics and dashboards to communicate risk posture to stakeholders.
Stay current with emerging threats, vulnerabilities, and industry best practices.
Proposing and developing meaningful reporting to highlight key areas of risk, illustrate risk reduction, over time, and to provide actionable information for customers/stakeholders
Leveraging scripting languages and API’s to facilitate automation, data collection and reporting
Creating, maintaining, and driving domain-level standardized solution testing, evaluation, and operational procedures
Creating and reviewing domain documentation to meet and exceed internal and regulatory requirements and ensure consistency across all security engineering teams
Support incident response activities by providing context on vulnerabilities and exposures.
What You Bring
Extensive experience in threat and vulnerability management, risk assessment, secure configuration management and multi-discipline security principles.
Strong understanding of cybersecurity frameworks such as NIST, ISO 27001, and CIS Controls.
Proficiency with vulnerability management tools and platforms (e.g., Qualys, Tenable, Rapid7).
Certifications such as CISSP, CISM, CRISC, or similar are highly desirable. 7+ years of progressive, broad-based Information Security (IS) experience participating in projects and playing a key role toward successful security operations
Experience with the integration of security tools, disparate data types and systems automation
Strong leadership and communication skills, with the ability to collaborate effectively with cross-functional teams and articulate technical concepts to non-technical stakeholders.
Bachelor’s degree in Computer Science, Information Security, or a related field, or equivalent years of experience in the role.
Added bonus if you have
Experience with developing and implementing enterprise security policies.
Risk management experience in a regulated environment.
Knowledge of cybersecurity regulations and compliance requirements.
Experience with threat modeling and attack surface management.
Security incident response and coordination experience.
Experience with cloud security and enterprise risk management is a plus.
Bachelor's degree in Cybersecurity, Information Technology, or a related field; advanced degree preferred.
What We’ll Bring
During your interview process, our team will provide detailed information about our industry-leading benefits and career development opportunities. Here are a few highlights:
A work environment built on teamwork, flexibility, and respect.
Professional growth and development programs to help advance your career,
About the Company
At Toyota, we're known for making some of the highest quality vehicles on the road. But there is more to our story. We believe in putting people first and creating opportunities for our team members to build careers as unique as they are. As one of the world's most admired brands, we are leading the way to the future of mobility, so everyone can move freely, happily and comfortably. We have big dreams and believe that nothing is impossible.
Ready to Dream, Do and Grow with us? Visit https://careers.toyota.com/us/en for inf...
Know more