#Cybersecurity #Threat & #Vulnerability Management #Engineer

Who we are
Collaborative. Respectful. A place to dream and do. These are just a few words that describe what life is like at Toyota. As one of the world’s most admired brands, Toyota is growing and leading the future of mobility through innovative, high-quality solutions designed to enhance lives and delight those we serve. We’re looking for diverse, talented team members who want to grow and start their impossible with us.

Who we’re looking for
Toyota Motor North America has embarked on an important mission to become the leader in cybersecurity for global mobility. We are making significant investments to enhance our capabilities through resource levels, talent development, process maturity, and technology enablement.

As the team member responsible for threat and vulnerability management, you will be a key component of our team. This position will be responsible for assessing threat and vulnerabilities as they are discovered and understanding their impact in our environment. The role will work closely with cybersecurity, information technology, and business teams to define, develop, implement, and sustain vulnerability management processes to further our cybersecurity goals, as well as, evaluate the effectiveness of controls against emerging threats.

Success requires:

  • a strong understanding of threat and vulnerability tactics, techniques, and

procedures,

  • strong technical security knowledge with the ability to exploit software and

assess POC exploits,

  • exposure to security in both off-premise cloud and on-premise data center

centric environments.

What you’ll be doing
Lead development of technical processes and solutions for threat intelligence and vulnerability management including:

  • Threat and vulnerability information collection, analysis, and dissemination to

other security teams and executive stakeholders

  • Develop integrations with cyber defense systems and internal/external data

feeds

  • Engagement with and development of relationships with threat intelligence and

vulnerability research communities (not vendor centric relationships) including
ability to engage/extract/exchange important info

  • Model and plan for likely vulnerabilities in critical systems through technical

examination

  • Development of approaches with operations teams for proactively and

reactively addressing vulnerabilities including patching, unique specialized
controls, code or configuration changes, and modifications of development
processes

  • Development and testing of original exploit code using high level concepts of

vulnerabilities

  • Development of tools to support vulnerability and attack analysis
  • Analysis of red and blue team exercise results and engagement with

stakeholders to resolve identified vulnerabilities within SLAs

  • Identification and resolution of findings from ongoing assessments and other

sources/reports

  • Producing metrics and reports on the state of system security, threat,

vulnerability and patch management

  • Designing and delivering actionable threat and vulnerability dashboards and

scorecards

  • Analyzing data sources and recommending optimal data sources to provide

relevant reporting

  • Organizing and executing third-party technical assessments (e.g., penetration

tests, social engineering assessments, targeted assessments)

  • Authoring, creating, and modifying threat and vulnerability checks by app,

cloud, host and network-based standards

  • Leveraging threat intelligence tools to expand understanding and profiles of

new/emerging attackers

  • Assessment, triage and analysis of malware threats including reverse

engineering

What you bring

  • Bachelor’s degree or higher, in Computer Science, Electric Engineering, or related discipline, or equivalent professional experience
  • Experience with Cybersecurity Threat & Vulnerability engineering
  • Advanced knowledge of software internals for key platforms such as Windows and Linux
  • Proficiency with at least one programming or scripting language (C/C++, Java, JavaScript, Python, PowerShell, Perl)
  • Able to effectively use open source and commercial tools to:
    • develop and test exploits,
    • find and exploit vulnerable systems,
    • perform penetration testing,
    • reverse engineer malware.
      Experience and proficiency with gathering and using threat intelligence to:

      • develop vulnerability checks and technical assessments.

Added bonus if you have

  • Experience as an engineer or developer in technical threat intelligence and vulnerability research
  • Understanding of cloud utilization
  • Security hardening experience
  • Experience in hardware such as x64, x86, and ICS

What we’ll bring
During your interview process, our team can fill you in on all the details of our industry-leading benefits and career development opportunities. A few highlights include:

  • A work environment built on teamwork, flexibility and respect
  • Professional growth and development programs to help advance your career, as well as tuition reimbursement
  • Vehicle purchase & lease programs
  • Comprehensive health care and wellness plans for your entire family
  • Flextime and virtual work options (if applicable)
  • Toyota 401(k) Savings Plan featuring a company match, as well as an annual retirement contribution from Toyota regardless of whether you contribute
  • Paid holidays and paid time off
  • Referral services related to prenatal services, adoption, child care, schools and more
  • Flexible spending accounts
  • Relocation assistance (if applicable)

What you should know
Our success begins and ends with our people. We embrace diverse perspectives and value unique human experiences. We are proud to be an equal opportunity employer that celebrates the diversity of the communities where we live and do business. Applicants for our positions are considered without regard to race, ethnicity, national origin, sex, sexual orientation, gender identity or expression, age, disability, religion, military or veteran status, or any other characteristics protected by law.

Have a question or need assistance with your application? Check out the How to Apply section of our careers page on Toyota.com!

To save time applying, Toyota does not offer sponsorship of job applicants for employment-based visas or any other work authorization for this position at this time.
#LI-TMNA

Source: https://www.indeed.com/viewjob?jk=2f2e8ee40aeea14d&tk=1cr647a345mhj803&from=serp&vjs=3