Website Toyota

Cybersecurity Threat & Vulnerability Management EngineerTMN001I5
Overview

 

Who we are
Collaborative. Respectful. A place to dream and do. These are just a few words that describe what life is like at Toyota. As one of the world’s most admired brands, Toyota is growing and leading the future of mobility through innovative, high-quality solutions designed to enhance lives and delight those we serve. We’re looking for diverse, talented team members who want to grow and challenge what’s possible with us.
 
Who we’re looking for
Toyota Motor North America has embarked on an important mission to become the leader in cybersecurity for global mobility. We are making significant investments to enhance our capabilities through resource levels, talent development, process maturity, and technology enablement.  
 
As the team member responsible for threat and vulnerability management, you will be a key component of our team. This position will be responsible for assessing threat and vulnerabilities as they are discovered and understanding their impact in our environment. The role will work closely with cybersecurity, information technology, and business teams to define, develop, implement, and sustain vulnerability management processes to further our cybersecurity goals, as well as, evaluate the effectiveness of controls against emerging threats.   
 
Success requires:
•   a strong understanding of threat and vulnerability tactics, techniques, and procedures,
•   strong technical security knowledge with the ability to exploit software and assess POC exploits,
•   exposure to security in both off-premise cloud and on-premise data center centric environments.
What you’ll be doing
  • Lead development of technical processes and solutions for threat intelligence and vulnerability management including:
  • Threat and vulnerability information collection, analysis, and dissemination to other security teams and executive stakeholders
  • Develop integrations with cyber defense systems and internal/external data feeds
  • Engagement with and development of relationships with threat intelligence and vulnerability research communities (not vendor centric relationships) including ability to engage/extract/exchange important information
  • Model and plan for likely vulnerabilities in critical systems through technical examination
  • Development of approaches with operations teams for proactively and reactively addressing vulnerabilities including patching, unique specialized controls, code or configuration changes, and modifications of development processes
  • Development and testing of original exploit code using high level concepts of vulnerabilities
  • Development of tools to support vulnerability and attack analysis
  • Analysis of red and blue team exercise results and engagement with stakeholders to resolve identified vulnerabilities within SLAs
  • Identification and resolution of findings from ongoing assessments and other sources/reports
  • Producing metrics and reports on the state of system security, threat, vulnerability and patch management
  • Designing and delivering actionable threat and vulnerability dashboards and scorecards
  • Analyzing data sources and recommending optimal data sources to provide relevant reporting
  • Organizing and executing third-party technical assessments (e.g., penetration tests, social engineering assessments, targeted assessments)
  • Authoring, creating, and modifying threat and vulnerability checks by app, cloud, host and network-based standards
  • Leveraging threat intelligence tools to expand understanding and profiles of new/emerging attackers
  • Assessment, triage and analysis of malware threats including reverse engineering
Qualifications

 

What you bring  
  • Bachelor’s degree or higher, in Computer Science, Electric Engineering, or related discipline, or equivalent professional experience
  • Experience with Cybersecurity Threat & Vulnerability engineering
  • Advanced knowledge of software internals for key platforms such as Windows and Linux
  • Proficiency with at least one programming or scripting language (C/C++, Java, JavaScript, Python, PowerShell, Perl)
  • Able to effectively use open source and commercial tools to:
    • develop and test exploits,
    • find and exploit vulnerable systems,
    • perform penetration testing, – reverse engineer malware.
  • Experience and proficiency with gathering and using threat intelligence to:
    • develop vulnerability checks and technical assessments.
Preferred Qualifications:
  • Experience as an engineer or developer in technical threat intelligence and vulnerability research
  • Understanding of cloud utilization
  • Security hardening experience
  • Experience in hardware such as x64, x86, and ICS
What we’ll bring
During your interview process, our team can fill you in on all the details of our industry-leading benefits and career development opportunities. A few highlights include:
  • A work environment built on teamwork, flexibility and respect
  • Professional growth and development programs to help advance your career, as well as tuition reimbursement
  • Vehicle purchase & lease programs
  • Comprehensive health care and wellness plans for your entire family
  • Flextime and virtual work options (if applicable)
  • Toyota 401(k) Savings Plan featuring a company match, as well as an annual retirement contribution from Toyota regardless of whether you contribute
  • Paid holidays and paid time off
  • Referral services related to prenatal services, adoption, child care, schools and more
  • Flexible spending accounts
  • Relocation assistance (if applicable)
What you should know
Our success begins and ends with our people. We embrace diverse perspectives and value unique human experiences. We are proud to be an equal opportunity employer that celebrates the diversity of the communities where we live and do business. Applicants for our positions are considered without regard to race, ethnicity, national origin, sex, sexual orientation, gender identity or expression, age, disability, religion, military or veteran status, or any other characteristics protected by law.
 

Have a question or need assistance with your application?  Check out the How to Apply section of our careers page on Toyota.com

#LI- TMNA

Job

 Information Security

Primary Location

US-TX-Dallas-Plano

Organization

 TMN – Toyota Motor North America

Travel

 Yes, 25 % of the Time

Job Posting

 May 3, 2019, 8:25:07 AM