Overview

Who we are

Collaborative. Respectful. A place to dream and do. These are just a few words that describe what life is like at Toyota. As one of the worlds most admired brands Toyota is growing and leading the future of mobility through innovative highquality solutions designed to enhance lives and delight those we serve. Were looking for talented team members who want to Dream. Do. Grow. with us.

To save time applying Toyota does not offer sponsorship of job applicants for employmentbased visas or any other work authorization for this position currently.

Toyotas Cybersecurity & Risk Management (CSRM) group objective is to become a global cybersecurity leader in the mobility space with the talent scale and services to enable our mission of securely bringing mobility for all.

We hope you will join us in this time of transformation and be a part of defining the nextgeneration cybersecurity capabilities for one of the largest global companies in the world.#Cyber

Who Were Looking For

Toyotas CSRM group is looking for team members who are passionate about technology and interested in joining a collaborative and highly motivated team as a Senior Manager Cybersecurity Attack Surface & Vulnerability Management.

Reporting to the Deputy CISO the primary responsibility of this role is to lead a dedicated team of cybersecurity professionals focused on managing our attack surface and ensuring that vulnerabilities in our environment are quickly identified triaged tracked and appropriately remediated. This role involves working with crossfunctional global stakeholders to drive remediation and systemic hygiene improvements managing and developing your team and their service delivery and ensuring that our coordinated disclosure / bug bounty practices uphold Toyotas reputation as a partner to the information security community.

What Youll Be Doing

• Maturing and advancing an attack surface / vulnerability management program and strategy that aligns with the evolving threat trends in the industry and organization.

• Managing and leading a team of cybersecurity professionals fostering a collaborative and innovative work environment.

• Assessing validating and triaging vulnerabilities working closely with asset owners to ensure timely remediation or approved exception tracking.

• Maintaining vulnerability scanning infrastructure and configurations as well as evaluating and recommending new products and solutions ensuring the most uptodate and accurate vulnerability detection and assessment.

• Managing and overseeing the coordinated disclosure / bug bounty program and working closely with external security researchers and internal stakeholders to address reported vulnerabilities and to uphold Toyotas reputation as a cybersecurity leader and a partner to the information security community.

• Tracking and following up on findings with asset owners to ensure that vulnerabilities are remediated or receive proper tracking and approved exceptions.

• Providing dashboards and regular reports to senior management on the status of the vulnerability management program including progress on remediation efforts and any critical vulnerabilities requiring immediate attention.

What You Bring

• Strong leadership communication and organizational skills with the ability to effectively manage and develop a team and collaborate with crossfunctional stakeholders.

• 8 years of experience in IT Cybersecurity Risk / Vulnerability Analysis or Management or related fields with at least 2 years in a leadership role.

• Strong knowledge of vulnerability management processes tools best practices and vulnerability validation and triaging.

• Demonstrated experience implementing a centralized vulnerability management solution that integrates data from multiple scanning tools and supports unified tracking remediation and reporting.

• Bachelors degree in Computer Science or related discipline or equivalent work experience

Added Bonus If You Have

• Experience with industrystandard enterprise vulnerability scanning offerings such as Qualys Tenable or RiskIQ and Attack Surface Management platforms.

• Vulnerability Management experience within containerization platforms (Docker Kubernetes etc. and major cloud environments (AWS Azure GCP etc.

• Familiarity with security frameworks and standards such as NIST ISO 27001 OWASP Top 10 or CIS Critical Security Controls.

• Masters degree in Computer Science or related discipline

• Relevant certifications such as CISSP CISM or OSCP are highly desirable.

What Well Bring

During your interview process our team can fill you in on all the details of our industryleading benefits and career development opportunities. A few highlights include:

• A work environment built on teamwork flexibility and respect

• Professional growth and development programs to help advance your career as well as tuition reimbursement

• Team Member Vehicle Purchase Discount

• Toyota Team Member Lease Vehicle Program (if applicable)

• Comprehensive health care and wellness plans for your entire family

• Flextime and virtual work options (if applicable)

• Toyota 401(k) Savings Plan featuring a company match as well as an annual retirement contribution from Toyota regardless of whether you contribute

• Paid holidays and paid time off

• Referral services related to prenatal services adoption child care schools and more

• Tax Advantaged Accounts (Health Savings Account Health Care FSA Dependent Care FSA)

Belonging at Toyota

Our success begins and ends with our people. We embrace all perspectives and value unique human experiences. Respect for all is our North Star. Toyota is proud to have 10 different Business Partnering Groups across 100 different North American chapter locations that support team members efforts to dream do and grow without questioning that they belong.

Applicants for our positions are considered without regard to race ethnicity national origin sex sexual orientation gender identity or expression age disability religion military or veteran status or any other characteristics protected by law.