Senior Analyst - Technology & Cybersecurity Risk Management

Overview

Who we are

Collaborative. Respectful. A place to dream and do. These are just a few words that describe what life is like at Toyota. As one of the world's most admired brands, Toyota is growing and leading the future of mobility through innovative, high-quality solutions designed to enhance lives and delight those we serve. We're looking for diverse, talented team members who want to Dream. Do. Grow. with us.

This position is based in Plano, TX with a hybrid mix of some in-office time and some remote work.

To save time applying, Toyota does not offer sponsorship of job applicants for employment-based visas or any other work authorization for this position at this time.

Toyota's Cybersecurity & Risk Management (CSRM) group objective is to become a global cybersecurity leader in the mobility space - with the talent, scale, and services to enable our mission of securely bringing mobility for all.

We hope you will join us in this time of transformation and be a part of defining the next-generation cybersecurity capabilities for one of the largest global companies in the world. #Cyber

Who We're Looking For

Toyota's CSRM group is looking for team members who are passionate about technology and interested in joining a collaborative and highly motivated team as a Senior Analyst - Technology & Cybersecurity Risk Management.

The primary responsibility of this role is to analyze technology and cybersecurity risks working closely with other technology teams.

Reporting to the Technology & Cybersecurity Risk Senior Manager, the person in this role will join the collaborative and agile Cybersecurity Risk and Operations Management team to visualize and reduce Toyota's technology risk and guide the Cybersecurity Risk Management strategy and business.

What You'll Be Doing

• Deliver world class security, governance, risk, and compliance services across TMNA and its affiliates under minimal supervision with some latitude for independent judgement.

• Work closely with the Cyber Risk & Operations Management (CROM) team as well as closely partnering with all cybersecurity teams to evaluate, implement, maintain, and improve security controls to assure compliance with TMNA Policies as well as applicable regulatory and legal requirements

• Perform risk assessment to internal and external applications, systems, supporting tools and infrastructure part of TMNA technology landscape

• Track and measure progress and impact of cyber risk strategic initiatives to create and follow repeatable disciplined supporting processes to ensure timelines, scalability, and quality of CROM deliverables

• Assess and implement IT general controls in alignment with regulatory requirements (e.g., SOX, HIPPA, GDPR, CCPA) and security frameworks (e.g., NIST, ISO, COBIT)

• Drive cybersecurity, compliance, third-party assessments, and risk management efforts across enterprise stakeholders and internal cybersecurity teams

• Provide business value to Toyota through the standardization and automation of security controls and their execution across the Toyota ecosystem

Continuously capture inherent risk (cyber, technology, and operational) to identify alternative countermeasures to minimize residual risk and to increase security posture across the organization

• Keep abreast of new risk approaches and standards to ensure long-term success of business processes

• Ensure risk management processes are integrated in both cybersecurity and business unit planning cycles (e.g., on-boarding, off-boarding, contracts, policies)

• Collaborate with all levels of leadership within IT and other business areas to assess, track mitigations, and monitor Toyota controls and cybersecurity condition through risk prioritization

• Partner effectively with cybersecurity, product, platform, internal audit, legal, and other internal peers to support TMNA's compliance with applicable legal, regulatory, and security frameworks

• Work closely with top management to understand risk appetite in alignment with actual risk exposure to identify and prioritize countermeasures

• Drive cybersecurity awareness and reinforce CROM/CSRM brand through educating teams and leadership on the cybersecurity core risk management strategy and processes

What You Bring

• Bachelor's degree in computer science, other engineering, related field, or equivalent experience

• Experience in cybersecurity risk management supporting compliance to regulations and industry frameworks

• Expert knowledge of cybersecurity risk management processes (both qualitative and quantitative)

• Significant experience with compliance regulations/laws, security frameworks and standards (e.g., NIST, HIPAA, ISO, COBIT, OWASP, ITIL)

• Excellent understanding of IT General Controls and their applicability to applications and systems with governance, risk, and compliance.

• Experience in strategy, consulting, engineering, or other relevant discipline

• Superb analytical and problem-solving abilities in complex situations using enterprise-wide thinking

• Works with minimal supervision with some specific decision-making authority

• Excellent communication skills (verbal and written) to tailor messages to different audiences, presenting it clearly and concisely at the right altitude

Added Bonus If You Have

• CISA, CISSP, CIA, CIPM, or other related cybersecurity certifications

• Agile, Scrum, Lean, or related certifications

• Experience building and/or analyzing financial business cases, experience in product management

• Demonstrated success in project management, business analysis, and data analysis

• Proven ability to bring clarity and focus to complex and ambiguous situations

What we'll bring

During your interview process, our team can fill you in on all the details of our industry-leading benefits and career development opportunities. A few highlights include:

• A work environment built on teamwork, flexibility and respect

• Professional growth and development programs to help advance your career, as well as tuition reimbursement

• Team Member Vehicle Purchase Discount

• Toyota Team Member Lease Vehicle Program (if applicable)

• Comprehensive health care and wellness plans for your entire family

• Flextime and virtual work options (if applicable)

• Toyota 401(k) Savings Plan featuring a company match, as well as an annual retirement contribution from Toyota regardless of whether you contribute

• Paid holidays and paid time off

• Referral services related to prenatal services, adoption, child care, schools and more

• Tax Advantaged Accounts (Health Savings Account, Health Care FSA, Dependent Care FSA)

Belonging at Toyota

Our success begins and ends with our people. We embrace diverse perspectives and value unique human experiences. Respect for all is our North Star. Toyota is proud to have 10+ different Business Partnering Groups across 100 different North American chapter locations that support team members' efforts to dream, do and grow without questioning that they belong. As a company that has been one of DiversityInc's Top 50 Companies for Diversity and a member of The Billion Dollar Roundtable supporting minority and woman-owned suppliers for over 10 years, we are proud to be an equal opportunity employer that celebrates the diversity of the communities where we live and do business.

Applicants for our positions are considered without regard to race, ethnicity, national origin, sex, sexual orientation, gender identity or expression, age, disability, religion, military or veteran status, or any other characteristics protected by law.

Have a question, need assistance with your application or do you require any special accommodations? Please send an email to talent.acquisition@toyota.com.